The scanning-only AP mode puts a radio interface in a dedicated mode that monitors the surrounding air space but does not carry any regular WLAN user traffic. Because the scanning-only AP dedicates itself in the radio monitoring mode, it can detect rogue devices and unassociated clients more reliably and faster than a regular AP or client.
The following sections will help you understand how and where to use the Radio Manager Scanning-Only AP Mode feature:
Understanding Scanning-Only AP Mode
Guidelines for Using Scanning-Only APs
Assigning Scanning-Only AP Network Settings
Enabling Scanning-Only Mode
Viewing Reporting APs
Viewing the Unregistered Clients Report
Understanding Scanning-Only AP Mode
The scanning-only AP mode puts a radio interface in a dedicated mode that monitors the surrounding air space without carrying any regular WLAN user traffic. Scanning APs:
Function in a "listen-only" mode that does not allow client associations.
Monitor the radio environment by looking for rogue APs and unassociated clients.
Detect buglighted clients (clients associated with unauthorized APs).
For information about the APs and firmware versions for which Scanning-Only AP mode is supported, see the Supported Devices Table for the CiscoWorks Wireless LAN Solution Engine, Release 2.9.
How It Works
Scanning-Only AP mode can be used for rogue AP detection; the fault that is generated is the same as when a regular AP or client detects a rogue AP. Scanning-only APs improve rogue AP detection by performing on-channel scanning (listening to the beacon without sending any messages) for a set period of time. It stays on each channel several seconds before moving on to the next channel on the list.
Scanning-only AP mode can be enabled on a per-radio interface. If an AP contains two or more radio interfaces, each interface can be configured into scanning-only AP mode or any other mode independent of other radio interfaces.
An 11a-capable client that is associated to an 11g network cannot detect 11a rogues. No matter what the client is capable of supporting, it only searches for rogues that match the band of the AP. Therefore, when a client is associated to a 2.4Ghz AP (b or g), it only detects 2.4Ghz rogues (b or g). When it is associated to a 5Ghz (11a) AP, it only detects 5Ghz (11a) rogues. An AP in scanning-only mode that has a dual radio (both a and g) can detect all types of (a, b, and g) rogues.
A fault is generated when WLSE detects any unregistered clients. The fault report shows all detected unregistered clients that have not been acknowledged and cleared by the administrator.
This release only detects clients using a null SSID to probe the network.
Hey Folks, What will happen when two nos. of AP's (IW6300's) are placed side by side, may be 5 meters far from each other as Root access points communicating with other MAP's in the vicinity.In short, can those RAP's act as redundant access points to...
I'm using an AIR-AP-1142N-A-K9 in a home environment, and trying to optimize throughput. Internet connectivity is an "up to 600mbps" cable Internet service from Comcast, using their Technicolor CGM4140COM "xFi Gateway", in bridge mode, connected to a...
Hello Team, I have 2 questions. First, the country code exchange process happen in which state during AP joining process to Wlc. ? Second, if i am using central authentication and local switching in my controller and ap is in flex connect m...
Hey guys,We have 5 units "Cisco Aironet 1530 Series Outdoor Access Points" and would like to configure them into a mesh network.We currently only have access to lightweight images. Is that possible? Any guide to help us through this ?Thank you s...