Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

WLC4404: authenticating LWAPPs.

Hi,

I want so secure my WLAN against rogue LWAPPs. I found the option "Authorize APs against AAA" under "SECURITY -> AAA -> AP Policies". So, it's only possible to authorize them against my IAS RADIUS server?

How dou you protect your network agaisnt rogue LWAPPs? I didn't finde a best practice my Cisco. TIA.

Simon

edit: I'm running 5.0.148.0 on a AIR-WLC4404-100-K9.

1 REPLY
Hall of Fame Super Silver

Re: WLC4404: authenticating LWAPPs.

I don't see why you can't use IAS, you just have to cross reference the doc that explains how to set it up in Cisco ACS:

http://www.cisco.com/en/US/tech/tk722/tk809/technologies_configuration_example09186a008084f13b.shtml#a1

One way to protect you network against rogue LWAPP's is to make sure your unused ports are shut and configured for a bogus vlan just in case. Have your LAP's on a separate vlan, so that the vlan or subnet is the only subnet that can communicate to the wlc.

-Scott
*** Please rate helpful posts ***
283
Views
0
Helpful
1
Replies