Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1388
Views
0
Helpful
5
Replies

How to Classify AdHoc Rogues?

Go to solution
jnlawrence76
Level 1
Level 1

‎11-29-2010 11:32 AM - edited ‎07-03-2021 07:28 PM

I have been able to manually classify the Unclassified APs that I find, however I have not been able to find out a way to manually classify Adhoc Rogues.  Can anyone point me in the right direction?  Do I have to creat a rule in order to classify Adhoc Rogues?

Thanks in Advance

WLC - 7.0.98.0

WCS - 6.0.170.0

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Leo Laohoo
Hall of Fame
Hall of Fame
In response to jnlawrence76

‎11-29-2010 04:18 PM

Go to WCS Home > Security Tab > Total Active Adhoc Rogues > under Adhoc Rogue Alarms put a "tick" on the Adhoc Rogues of your choice > on the upper left-hand corner there's a drop-down box > choose "External".

Hope this helps.  Please don't forget to rate our useful posts.  Thanks.

View solution in original post

0 Helpful
5 Replies 5

Go to solution
Leo Laohoo
Hall of Fame
Hall of Fame

‎11-29-2010 01:24 PM

On the WLC:

Rogues > Adhoc Rogues > MAC Address > Contain

0 Helpful

Go to solution
jnlawrence76
Level 1
Level 1
In response to Leo Laohoo

‎11-29-2010 01:30 PM

If I set them to "Contain" will this cause a problem for the AdHoc devices?

0 Helpful

Go to solution
Leo Laohoo
Hall of Fame
Hall of Fame
In response to jnlawrence76

‎11-29-2010 01:40 PM

Nuts.

You can aside from "Contain", you can choose some more options:   Contain, Alert, Internal, External

When you contain, you are literally sending successive de-authenticate packet to the client.  This is similar to doing a DDoS.

0 Helpful

Go to solution
jnlawrence76
Level 1
Level 1
In response to Leo Laohoo

‎11-29-2010 01:43 PM

What about setting a rule to set adhocs to "External"?  I have about 500 showing up right now and manually changing each one would take some time.  I only seem to see the ability to create rules for Rogue APs

0 Helpful

Go to solution
Leo Laohoo
Hall of Fame
Hall of Fame
In response to jnlawrence76

‎11-29-2010 04:18 PM

Go to WCS Home > Security Tab > Total Active Adhoc Rogues > under Adhoc Rogue Alarms put a "tick" on the Adhoc Rogues of your choice > on the upper left-hand corner there's a drop-down box > choose "External".

Hope this helps.  Please don't forget to rate our useful posts.  Thanks.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card