Showing results for 
Search instead for 
Did you mean: 

Cisco WLC Controler 3750 switch

Ross Ghanim

We have two switches 3750 each supports 25 AP WLC software is version Lately we have discovered about 100 Rogue AP that we are making them Malicious Rogue APs is this enough to contain them and making them not affecting our wireless network.  Also what is the difference between Malicious Rogue AP and Contained Rogue AP?


Ross Ghanim
3 Replies 3

Saurav Lodh
Rising star
Rising star

Classifying the Rogues

Rasika Nayanajith
VIP Mentor VIP Mentor
VIP Mentor

what's the reason for running these WLCs on 5.x, at least get them upgraded to as 7.0.x the last supported on these.



Cisco Employee
Cisco Employee

Upgrade your OS version to minimum 7.x

Any device that shares your spectrum and is not managed by you can be considered a rogue. A rogue becomes dangerous in the following scenarios:

When the Rogue AP uses the same SSID as your network (honeypot).

When the Rougue AP device is detected on wired network also.

Ad-hoc rogues are also a big threat.

Setup by an outsider with malicious intent.

There are three main phases of rogue device management in Cisco Unified Wireless Network (UWN) solution:

Detection - Radio Resource Management (RRM) scanning is used to detect the presence of rogue devices.

Classification - Rogue Location Discovery Protocol (RLDP), Rogue Detectors and switch port tracing are used to identify if the rogue device is connected to the wired network. Rogue classification rules also assist in filtering rogues into specific categories based on their characteristics.

Mitigation - Switch port Trace and shutting down, rogue location, and rogue containment are used to track down physical location and nullify the threat of rogue devices.


Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Recognize Your Peers