https://community.cisco.com/t5/wireless/identifying-a-wireless-lan-user-in-the-network/m-p/200441#M29736 <HTML><HEAD></HEAD><BODY><P>Hi ,</P><P></P><P> a) There is no good method for this . There are different tools to identify rogue AP but all are site survey tool , you physically go to all places and detect the </P><P>signal for rogue AP .</P><P></P><P> b) You can turn on MAC address authenitcation saying that only certain mac are are allowed to associate with AP , that way you can control wlan client adapter .But mac address goes in clear text so it can be spoofed .</P><P></P><P> c) Cisco AP12.01 has new feature to detect rogue AP but it s light duty tool and works under certain condition </P><P> <A class="jive-link-custom" href="http://www.cisco.com/en/US/products/hw/wireless/ps458/products_configuration_guide_chapter09186a00801049a8.html#1036595" target="_blank">http://www.cisco.com/en/US/products/hw/wireless/ps458/products_configuration_guide_chapter09186a00801049a8.html#1036595</A></P><P></P><P> d) Best is to have strict corporate policy for rogue AP </P><P></P><P> e) If you are connecting over switch on switch you can run EAP and protect ethernet switch port and authenitcate ethernet switch ports </P><P></P><P> Nilesh </P><P></P><P> </P></BODY></HTML> Sun, 02 Mar 2003 19:39:22 GMT ndoshi 2003-03-02T19:39:22Z https://community.cisco.com/t5/wireless/identifying-a-wireless-lan-user-in-the-network/m-p/200440#M29735 <P>Is there a possibility to identify a WLAN user on the wired network?</P><P>How can I make sure, that nobody places a rogue AP in the network and get access to the wired network or a employee puts in a WLAN card and allows a</P><P>non-employee to access to the network from outside?</P><P>Is there a mechanism to identify such a constellation like all the adaptors have</P><P>a special MAC Address or something like that?</P><P></P><P>Many thanks!</P> Sun, 04 Jul 2021 15:32:29 GMT https://community.cisco.com/t5/wireless/identifying-a-wireless-lan-user-in-the-network/m-p/200440#M29735 ssandri 2021-07-04T15:32:29Z https://community.cisco.com/t5/wireless/identifying-a-wireless-lan-user-in-the-network/m-p/200441#M29736 <HTML><HEAD></HEAD><BODY><P>Hi ,</P><P></P><P> a) There is no good method for this . There are different tools to identify rogue AP but all are site survey tool , you physically go to all places and detect the </P><P>signal for rogue AP .</P><P></P><P> b) You can turn on MAC address authenitcation saying that only certain mac are are allowed to associate with AP , that way you can control wlan client adapter .But mac address goes in clear text so it can be spoofed .</P><P></P><P> c) Cisco AP12.01 has new feature to detect rogue AP but it s light duty tool and works under certain condition </P><P> <A class="jive-link-custom" href="http://www.cisco.com/en/US/products/hw/wireless/ps458/products_configuration_guide_chapter09186a00801049a8.html#1036595" target="_blank">http://www.cisco.com/en/US/products/hw/wireless/ps458/products_configuration_guide_chapter09186a00801049a8.html#1036595</A></P><P></P><P> d) Best is to have strict corporate policy for rogue AP </P><P></P><P> e) If you are connecting over switch on switch you can run EAP and protect ethernet switch port and authenitcate ethernet switch ports </P><P></P><P> Nilesh </P><P></P><P> </P></BODY></HTML> Sun, 02 Mar 2003 19:39:22 GMT https://community.cisco.com/t5/wireless/identifying-a-wireless-lan-user-in-the-network/m-p/200441#M29736 ndoshi 2003-03-02T19:39:22Z https://community.cisco.com/t5/wireless/identifying-a-wireless-lan-user-in-the-network/m-p/200442#M29737 <HTML><HEAD></HEAD><BODY><P>Thanks Nilesh</P><P></P><P>And what about a client which is in Peer-to-Peer mode? A Hacker may come through that client which is also connected to the wired LAN.</P><P>think there is no possibility at all?</P><P></P><P>Regards</P><P>Stefan</P></BODY></HTML> Mon, 03 Mar 2003 14:46:28 GMT https://community.cisco.com/t5/wireless/identifying-a-wireless-lan-user-in-the-network/m-p/200442#M29737 ssandri 2003-03-03T14:46:28Z