Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
456
Views
0
Helpful
4
Replies

WiSMs appear to be auto-containing rogues

John.Gerlach
Level 1
Level 1

‎03-12-2009 11:30 AM - edited ‎07-03-2021 05:18 PM

(This appears to be the converse situation of another relatively recent post. I thought it might be better to have a separate thread rather than muddy up that conversation).

I have a relatively new deployment of 8 WiSMs controllers (4 of which are currently production and 4 are available for failover). The WiSMs are running code v5.2.157.0 and I have about 50 AP1252's split between the 4 production controllers.

We also have WCS v5.2.130.0 in the environment to manage the controllers. I am a little concerned by some messages I am seeing on the WCS which seem to indicate the WiSMs are auto-containing rogues even though I have verified there are no Auto-Contain features enabled on any of the WiSM controllers.

Here is a sample of a WCS log entry which concerns me:

Rogue AP '00:23:75:07:68:b0' with SSID 'qwest5184' and channel number '4' is detected by AP 'xxxx-2-a4' Radio type '802.11b' with RSSI '-92' and SNR '5'. RogueAP contained.

I can dig up more of these but all seem to indicate an action is being taken on Rogue APs even though we specifically have these options unselected (under Security | Wireless Protection Policies | Rogue Policies | General) and their are no Rogue Rules defined either.

Is there anywhere else I should be checking where something like this could be enabled?

I need to make sure I am not being a problem before I can go to my neighbors and expect the same.

Thanks for any ideas.

Labels:
0 Helpful
4 Replies 4

Leo Laohoo
Hall of Fame
Hall of Fame

‎03-12-2009 04:03 PM

WEIRD! Auto-Contain Rogue AP is disabled by default.

Go to Security -> Wireless Protection Policies -> Rogue Policies -> General.

0 Helpful

Leo Laohoo
Hall of Fame
Hall of Fame

‎03-15-2009 04:38 PM

Can you verify that Auto-Contain of Rogue AP is disabled?

0 Helpful

John.Gerlach
Level 1
Level 1
In response to Leo Laohoo

‎03-15-2009 07:27 PM

I have verified that each of the controller has these options inactive on the following screen:

(under Security | Wireless Protection Policies | Rogue Policies | General)

If there is somewhere else I should be looking, I would be relieved to hear it.

0 Helpful

Nigel Bowden
Level 2
Level 2
In response to John.Gerlach

‎05-22-2009 12:23 AM

Did you get a resolution to this?

I have the same issue, but am unsure if my WLC's are auto containing rogues, or whether WCS is just falsely reporting the containment.

I see no auto containment setting anywhere on my WLC (4.2.170.0), so I doubt very much it is auto containing.

Anyone know where I can check/look?

My WCS version is 5.2.130.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card