Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Rogue detection with Prime 2.1

Hi@all,

 

i know many questions in the last days, but i must say, the last WCS works better as the compination Prime 2.1 and 5760 ;).

My problem, we have a huge campus and at peaks ~ 1500 rogue-aps. 

In my new configuration (2x 5760 and Prime 2.1), the wlc see the rogue-aps but in the security dashboard at the prime no rogue are listet.

The 5760 are in the same mobility/rf-group, the polling interval at the Prime are 15 minutes.

Maybe some one has a similar problem and could help.

 

regards

  René

1 ACCEPTED SOLUTION

Accepted Solutions
VIP Purple

HiDo you see the rogue AP on

Hi

Do you see the rogue AP on 5760 itself ? "show wireless wps rogue ap summary" output shows you the identified rogue APs. If you can't see anything there, then you may not enable Rogue AP detection on your controller. See whether in your 5760 configuration, the first line below is configured (which will enable rogue detection). Second line is to increase the threshold to minimize false detection. Refer 5760 RRM config guide for more details.

wireless wps ap-authentication
wireless wps ap-authentication threshold 50

This document describe some of the best practices of 5760 configuration including rogue detection as well.

Cisco 5760 IOS Wireless LAN Controller Configuration Best Practices

 

HTH

Rasika

**** Pls rate all useful responses ****

7 REPLIES
VIP Purple

HiDo you see the rogue AP on

Hi

Do you see the rogue AP on 5760 itself ? "show wireless wps rogue ap summary" output shows you the identified rogue APs. If you can't see anything there, then you may not enable Rogue AP detection on your controller. See whether in your 5760 configuration, the first line below is configured (which will enable rogue detection). Second line is to increase the threshold to minimize false detection. Refer 5760 RRM config guide for more details.

wireless wps ap-authentication
wireless wps ap-authentication threshold 50

This document describe some of the best practices of 5760 configuration including rogue detection as well.

Cisco 5760 IOS Wireless LAN Controller Configuration Best Practices

 

HTH

Rasika

**** Pls rate all useful responses ****

New Member

Hi Rasika, Both 5760 see the

Hi Rasika,

 

Both 5760 see the rogue AP but in Prime they aren't shown.

WLC-1#sh wireless wps rogue ap summary

Rogue Location Discovery Protocol            : Enabled
Rogue on wire Auto-Contain                   : Disabled
Rogue using our SSID Auto-Contain            : Disabled
Valid client on rogue AP Auto-Contain        : Disabled
Rogue AP timeout                             : 1200
Rogue Detection Report Interval              : 10
Rogue AP minimum RSSI                        : -128
Rogue AP minimum transient time              : 0

Number of rogue APs detected : 206

MAC Address         Classification     # APs    # Clients   Last Heard
--------------------------------------------------------------------------------------
0002.6fe9.46f7      Unclassified       6        0           Fri Sep  5 08:22:09 2014

 

 

Kind regards

  René

New Member

Ok, maybe the failure was the

Ok, maybe the failure was the ap-autentication, because my setting was:

wireless wps none.

 

I have changed and now he shows the rogue APs in Prime.

 

Thx

VIP Purple

Glad to hear that :)

Glad to hear that :)

New Member

Ok, it  won't work.  First he

Ok, it  won't work. 

 

First he reported the correct amount of rogue to the Prime.  30min later he stoped, so at the moment we have again 0 reported rogue AP. But the mse see ~300.

VIP Purple

HiIf it is not working with

Hi

If it is not working with consistent behavior, I think you should reach TAC. They may know some specifics for these

HTH

Rasika

 

New Member

I have open an TAC. Thx for

I have open an TAC. Thx for your help.

123
Views
0
Helpful
7
Replies
CreatePlease login to create content