Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
255
Views
1
Helpful
6
Replies

Rogue AP

Go to solution
hs08
VIP
VIP

‎11-02-2025 08:15 PM

I have 2 WLC, one using 2500 series and another one using 9800 series and both WLC have same SSID.

Should i classified SSID under 2500 WLC as friendly into 9800 WLC and vice versa?

Is there any negative impach if i let as unclassified?

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
M02@rt37
VIP
VIP
In response to hs08

‎11-02-2025 10:56 PM

So, 9800 already has that SSID locally ? If yes, you can’t mark it as friendly — it’s automatically trusted...

There is no negative impact to leave the 2504’s SSID as unclassified on the 9800 ; it causes no harm at all.

Devices will see 2 separate AP network broadcasting the same SSID and will connect to whichever has stronger signal, but not “roam” seamlessly between them...

 

 

Best regards
.ı|ı.ı|ı. If This Helps, Please Rate .ı|ı.ı|ı.

View solution in original post

0 Helpful
6 Replies 6

Go to solution
M02@rt37
VIP
VIP

‎11-02-2025 09:42 PM - edited ‎11-02-2025 09:42 PM

Hello @hs08 

Mark the SSID from the other WLC as friendly on both sides...
If you leave it unclassified, you might see rogue AP reports ; but no direct trafic disruption.

https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3850/software/release/3se/security/configuration_guide/b_sec_3se_3850_cg/b_sec_3se_3850_cg_chapter_010110.pdf&ved=2ahUKEwi7hJTXotWQAxX7K_sDHRY2AYgQFnoECBwQAQ&usg=AOvVaw0KKZbm7qM0YFKdQ88pnyeS

Best regards
.ı|ı.ı|ı. If This Helps, Please Rate .ı|ı.ı|ı.
0 Helpful

Go to solution
hs08
VIP
VIP
In response to M02@rt37

‎11-02-2025 10:05 PM

hi M02@rt37 

But i get this error when adding the SSID on my 9800 WLC.

hs08_0-1762149832166.png

 

0 Helpful

Go to solution
M02@rt37
VIP
VIP
In response to hs08

‎11-02-2025 10:45 PM

OK @hs08 

Both WLC are in the same mobility domain ?

Best regards
.ı|ı.ı|ı. If This Helps, Please Rate .ı|ı.ı|ı.
0 Helpful

Go to solution
hs08
VIP
VIP
In response to M02@rt37

‎11-02-2025 10:51 PM

Not because C9800 is not compatible with 2504 series.

Go to solution
M02@rt37
VIP
VIP
In response to hs08

‎11-02-2025 10:56 PM

So, 9800 already has that SSID locally ? If yes, you can’t mark it as friendly — it’s automatically trusted...

There is no negative impact to leave the 2504’s SSID as unclassified on the 9800 ; it causes no harm at all.

Devices will see 2 separate AP network broadcasting the same SSID and will connect to whichever has stronger signal, but not “roam” seamlessly between them...

 

 

Best regards
.ı|ı.ı|ı. If This Helps, Please Rate .ı|ı.ı|ı.
0 Helpful

Go to solution
HaiCa
Level 1
Level 1
In response to hs08

‎11-02-2025 11:24 PM - edited ‎11-02-2025 11:28 PM

Seen like you have configured rogue AP containment, ain't you?

You can't do it with your own SSID. To do it you may need to go to Monitoring > Wireless > Unclassified > Find the SSID make sure the MAC Address match the other Wireless system, click on it and classify it.

HaiCa_0-1762154550559.jpeg

There no impact if you let it unclassified unless it become Malicious somehow based on your rouge/protection policy

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card