Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

How can I block illegal wireless using WCS?

Hi,

I wondering if there is a way in WCS to prevent or shut any new wireless Networks that it sees other than its managed ones? If WCS does not do it is there a software.

Thanks

B Mathews

3 REPLIES

Re: How can I block illegal wireless using WCS?

Bmath,

     There are containment features for rogue access points (or atleast there used to be), it is not advised for legal reasons. Since the 2.4Ghz (802.11b/g/n) and 5Ghz (802.11a/n) frequencies are unlicensed it means anyone can use them at any time as long as they don't exceed the FCC maximum power limits, if you were to Jam them or act in such a way as to inhibit any persons use of the band then you would be breaking an FCC law (See FCC Part 15); Which basically states "any such device is that it may not cause any harmful interference." and theoretically since that is the direct intent of jamming or containment is to cause harmful interference then could potentially seek legal action.

     So my advice to you would be to research it further before you take any actions and even then make sure you are legally covered, since you have no legal rights to the frequency and therefore can't claim it as solely your own, the same applies to the other, this is an area where it's best to try and work with the other WiFi owners and see if you can find a compromise.

Hope this helps.

http://www.fcc.gov/oet/info/documents/bulletins/#63

http://www.arrl.org/tis/info/part15.html

Re: How can I block illegal wireless using WCS?

To piggy back on KM post.

You can use Rogue Containment as an option. RC when enabled tells your Cisco APs to spoof the mac address of the rogue AP and send deauth frames to any clients wanting to attach to the rogue access point. So you dont touch the rogue AP, you just tell the clients not to attach to it.

keep in mind, I actually did some light testing where we had over 200 rogues and turned on full out RC on everything as a brift test. I found the medium suffered by 20% as the APs were taking up the medium sending excessive deauthication frames.

RC is mostly use to put a rogue in check until you can investgate it ... Not something that is niormally left on by most clients.

__________________________________________________________________________________________ "Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin ___________________________________________________________
Hall of Fame Super Gold

Re: How can I block illegal wireless using WCS?

And to piggyback Kayles and George's post:

I have used the WLC/WCS Containment option successfully (much to the chagrin of my employer) several times.  Before we employed WCS and because of the serious repercussion if I "prosecuted" the wrong AP, I had to be very sure the Rogue AP and/or Clients were INSIDE the WLAN/LAN premises of my employer.  I don't care if the Rogue APs and/or Clients were OUTSIDE the physical building of my employer.  I was given the green-light for those found inside the four corners of the building.  I used a crude method of triangulating the location of the Rogue AP and contained the AP.

After several successful "prosecution" of Rogues, our team became known as the Wireless Gestapo.

My advice is:  Aim before you shoot.

362
Views
0
Helpful
3
Replies