Does anyone know the reasoning for the disappearance of the Trusted AP policies that were there in version 4.x and are now apparently missing in version 5.x?
In 4.x the command set was "wps trusted-ap ..." and there was the curious "Validate SSID" setting in the GUI which had no command line equivalent. Perhaps the Validate SSID setting was a relic in the GUI that never really did anything, i.e. perhaps it was an orphaned GUI option?
In 4.x we also had the "wps rogue-ap ..." command set which was relocated to just being the "rogue ..." (no longer under wps) commands. However, the trusted-ap commands never moved out of the wps command set - they just disappeared.
I can't find any explanations in the Cisco documentation, so has anyone else maybe figured it out or asked Cisco?
I'm particularly concerned about the Validate SSID option because I've promised it would be enabled in a design done prior to version 5's release. Now the customer (now on version 5) is asking if it's enabled or not, and I can't tell them if it is because it's vanished!
So are you saying that the old 4.x Trusted AP policies can now all be approximated by the new 5.x rule-based rogue classification? To me the old Validate SSID option never made much sense in the context of Trusted APs because, from the ref you quoted, it seems to have been intended to identify APs that are using one of your SSIDs and raise an alarm about it, i.e. it was meant to alarm on malicious rogues - not trusted ones.
And then also what about all those other Trusted AP settings that disappeared? Can they also be reproduced as rogue-classification rules?