Showing results for 
Search instead for 
Did you mean: 

How to configure an AP in scanning-only mode





How to configure an AP in scanning-only mode



The scanning-only AP mode puts a radio interface in a dedicated mode that monitors the surrounding air space but does not carry any regular WLAN user traffic. Because the scanning-only AP dedicates itself in the radio monitoring mode, it can detect rogue devices and unassociated clients more reliably and faster than a regular AP or client.


The following sections will help you understand how and where to use the Radio Manager Scanning-Only AP Mode feature:


  • Understanding Scanning-Only AP Mode
  • Guidelines for Using Scanning-Only APs
  • Assigning Scanning-Only AP Network Settings
  • Enabling Scanning-Only Mode
  • Viewing Reporting APs
  • Viewing the Unregistered Clients Report


Understanding Scanning-Only AP Mode

The scanning-only AP mode puts a radio interface in a dedicated mode that monitors the surrounding air space without carrying any regular WLAN user traffic. Scanning APs:

  • Function in a "listen-only" mode that does not allow client associations.
  • Monitor the radio environment by looking for rogue APs and unassociated clients.
  • Detect buglighted clients (clients associated with unauthorized APs).



For information about the APs and firmware versions for which Scanning-Only AP mode is supported, see the Supported Devices Table for the CiscoWorks Wireless LAN Solution Engine, Release 2.9.


How It Works

Scanning-Only AP mode can be used for rogue AP detection; the fault that is generated is the same as when a regular AP or client detects a rogue AP. Scanning-only APs improve rogue AP detection by performing on-channel scanning (listening to the beacon without sending any messages) for a set period of time. It stays on each channel several seconds before moving on to the next channel on the list.


Scanning-only AP mode can be enabled on a per-radio interface. If an AP contains two or more radio interfaces, each interface can be configured into scanning-only AP mode or any other mode independent of other radio interfaces.



An 11a-capable client that is associated to an 11g network cannot detect 11a rogues. No matter what the client is capable of supporting, it only searches for rogues that match the band of the AP. Therefore, when a client is associated to a 2.4Ghz AP (b or g), it only detects 2.4Ghz rogues (b or g). When it is associated to a 5Ghz (11a) AP, it only detects 5Ghz (11a) rogues. An AP in scanning-only mode that has a dual radio (both a and g) can detect all types of (a, b, and g) rogues.


A fault is generated when WLSE detects any unregistered clients. The fault report shows all detected unregistered clients that have not been acknowledged and cleared by the administrator.



This release only detects clients using a null SSID to probe the network.


Problem Type

Configure / Configuration issues



Access point


Product OS




Using Scanning-Only APs

Managing the WLAN Radio Environment

Typical Scenarios and FAQs

Content for Community-Ad