https://community.cisco.com/t5/wireless/rogue-device-spoofing-or-targeting-ap-xxx-bssid-on-802-11b-g/m-p/2099318#M59705 <P>What that means is: There are some nearby APs using same MAC Address as one of your WLAN mac addresses.</P> <P>Why that happens? This is usually a kind of security measure Wireless Networks use to contain un-trusted neighbor WiFi networks.</P> <P>So, if you can see there are rogue APs on your WLC then this is probably the case. Try to contact the administrators of the neighbor WLANs and tell them to consider your network as a friendly one so their network stops containing your APs.</P> <P>&nbsp;</P> <P>HTH</P> <P>&nbsp;</P> <P>Amjad</P> Wed, 17 Jan 2018 06:37:20 GMT Amjad Abdullah 2018-01-17T06:37:20Z https://community.cisco.com/t5/wireless/rogue-device-spoofing-or-targeting-ap-xxx-bssid-on-802-11b-g/m-p/2099316#M59703 <P>&nbsp; <STRONG><A _jive_internal="true" href="https://community.cisco.com/message/3354801#3354801" target="_blank">Rogue device detection</A></STRONG>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; </P><DIV><DIV><DIV><P></P><P>I am getting these alerts Message: AP 'xxx' is being contained. This is due to rogue device spoofing or targeting AP 'xxx' BSSID on '802.11b/g' radio. - Controller </P><P>The controllers are wism with 7.0.235.0 code and AP's are 1142. </P><P></P><P>Can anyone advise on it it's false alarm.</P><P></P></DIV></DIV></DIV> Sun, 04 Jul 2021 06:00:49 GMT https://community.cisco.com/t5/wireless/rogue-device-spoofing-or-targeting-ap-xxx-bssid-on-802-11b-g/m-p/2099316#M59703 mdaigle 2021-07-04T06:00:49Z https://community.cisco.com/t5/wireless/rogue-device-spoofing-or-targeting-ap-xxx-bssid-on-802-11b-g/m-p/2099317#M59704 <HTML><HEAD></HEAD><BODY><P>Do you see the Rogue MAC address, are they belong to your own infrastructure or not.</P><P>Wireless packet capture should tell what's going on. Mostly you may see cisco AP's MAC is spoofed by Rogue AP to do deauth attack, so check the RSSI of the source and see how many nearby APs are being attacked.</P></BODY></HTML> Fri, 09 Nov 2012 22:33:50 GMT https://community.cisco.com/t5/wireless/rogue-device-spoofing-or-targeting-ap-xxx-bssid-on-802-11b-g/m-p/2099317#M59704 Saravanan Lakshmanan 2012-11-09T22:33:50Z https://community.cisco.com/t5/wireless/rogue-device-spoofing-or-targeting-ap-xxx-bssid-on-802-11b-g/m-p/2099318#M59705 <P>What that means is: There are some nearby APs using same MAC Address as one of your WLAN mac addresses.</P> <P>Why that happens? This is usually a kind of security measure Wireless Networks use to contain un-trusted neighbor WiFi networks.</P> <P>So, if you can see there are rogue APs on your WLC then this is probably the case. Try to contact the administrators of the neighbor WLANs and tell them to consider your network as a friendly one so their network stops containing your APs.</P> <P>&nbsp;</P> <P>HTH</P> <P>&nbsp;</P> <P>Amjad</P> Wed, 17 Jan 2018 06:37:20 GMT https://community.cisco.com/t5/wireless/rogue-device-spoofing-or-targeting-ap-xxx-bssid-on-802-11b-g/m-p/2099318#M59705 Amjad Abdullah 2018-01-17T06:37:20Z