Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Rogue AP Detection and elimination

I have detected some rogue APs via our WCS but I don't know how to deauthenticate them so they become unusable.

there is one option i got to "contain" them

but i don't know how to contain them

any body has idea that how i can contain them from WCS or WLC


Hall of Fame Super Silver

Re: Rogue AP Detection and elimination

It's illegal (well you can get in trouble) to do this and really shouldn't be used, but here is a link.

You can also use the WLC.  Go to Monitor | Rogues | Choose one from the list and then click on the mac address of the rogue AP.  There is a drop down box that has the containment.

Sent from Cisco Technical Support iPhone App

*** Please rate helpful posts ***

Re: Rogue AP Detection and elimination

So you know how this works. Your access points will spoof the mac address of the rogue access point and will flood the air with deauthentication frames. This tells clients that want to attach to the rogue access point to "go away".

As Scott points out there could be legal ramifications to this.

__________________________________________________________________________________________ "Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin ___________________________________________________________