Cisco Community
English
Register
The War in Ukraine - Supporting customers, partners and communities. LEARN MORE
Register
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
879
Views
0
Helpful
7
Replies
pnagpal
Beginner
Beginner
‎07-25-2013 03:14 AM
‎07-25-2013 03:14 AM

Rogue containment

Hello All,

How do you manage rogue APs in your setup? I know we can do this easily for wired rogues, how do you manage un-wired rogues especially user's mobile and other items acting as hotspot.

I am sorry if this is asked already.

Thanks,

Pulkit

Labels:
0 Helpful
7 REPLIES 7
Scott Fella
Hall of Fame Guru Hall of Fame Guru
Hall of Fame Guru
‎07-25-2013 03:49 AM
‎07-25-2013 03:49 AM

All this is done manually. You shouldn't have rogue containment on and RLDP really should be disabled on client access APs. If you have the time to look for these and hunt them down, then that is what you need to do. To be honest, you can't prevent people from bringing in their own hotspot especially now when a phone can be a hotspot.

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***
0 Helpful
Shaoqin Li
Participant
Participant
‎07-25-2013 08:34 AM
‎07-25-2013 08:34 AM

what you can do is first classify them. As Scott said RLDP is better running on monitor mode APs.

unless you see some hostile entries like broadcasting same ssid, you primarily need first know how many/ what is constructing the rogue environment.

Sent from Cisco Technical Support iPad App

0 Helpful
Mark Sullivan
Beginner
Beginner
‎07-26-2013 12:04 PM
‎07-26-2013 12:04 PM

Since you guys appear to be running RLDP on monitor mode AP's only, can I take it you are successfully running SPT from an access point to detect rogues. What type of Access switches are you using?

found a document

http://www.cisco.com/en/US/customer/docs/wireless/prime_infrastructure/1.3/configuration/guide/admin.html#wp1603927 stating only the following switches are supported: 3750, 3560, 3750E, 3560E, and 2960.

Reason I ask, we're having issues with detection of wired rogue AP's

0 Helpful
katerina.dardoufa
Enthusiast
Enthusiast
In response to Mark Sullivan
‎05-22-2020 02:36 AM
‎05-22-2020 02:36 AM

Hello to all,

 

years after the initial thread begun, I am having trouble with the detection of wired rogue AP. The rogue AP is detected, as a friendly AP, by an AP in one of our buildings, but SPT running on Prime Infrastructure 3.5 shows it to be connected to a switch in another building.

 

Any ideas?

0 Helpful
patoberli
VIP Advisor VIP Advisor
VIP Advisor
In response to katerina.dardoufa
‎05-22-2020 07:39 AM
‎05-22-2020 07:39 AM

You might be missing some switches in PI. If the intermediate switches are missing (or unreachable from PI), then it probably shows the "next best" switch.
0 Helpful
Ravi Singh
Rising star
Rising star
‎07-29-2013 12:13 AM
‎07-29-2013 12:13 AM

Please see the below link for managing and detecting rouge AP in your network

http://www.cisco.com/en/US/products/ps6366/products_tech_note09186a0080b40901.shtml

0 Helpful
Mark Sullivan
Beginner
Beginner
In response to Ravi Singh
‎07-29-2013 11:34 AM
‎07-29-2013 11:34 AM

Thanks, I'll review

0 Helpful
Latest Contents
Cisco Prime Infrastructure log4j Security Patch Upgrade Proc...
Created by sridhkri on 04-25-2022 10:00 PM
0
0
0
0
What is Log4j? The Log4j vulnerability allows malicious attackers to execute code remotely on any targeted computer, the Apache Software Foundation disclosed a security vulnerability in a widely-used Java software library called Log4j. What is t... view more
Prime 3.10.1 upgrade procedure
Created by sridhkri on 03-22-2022 03:06 AM
0
0
0
0
Below procedure for installing from prime 3.10 to 3.10.1   Pre-requisite for any MR release upgrade   Take the backup of prime db on external tftp server (recommended). If you are running on VM than take a snap-shop of prime VM so you can resto... view more
Use Case Based Comparison of Prime Infrastructure and DNA Ce...
Created by rajktiwa on 03-02-2022 02:12 AM
0
10
0
10
Overview This article compares Prime Infra (PI) and DNA Center for a wireless user of Catalyst 9800 controller. As a Quality assurance test engineer for Prime Infra, there was always an inquisitiveness to compare Prime Infra with DNA Center for a specific... view more
How To Add Wireless Guest User via Powershell and RESTCONF
Created by remi_at on 02-02-2022 03:26 AM
0
15
0
15
SymptomsYou want to automate guest-user creation on your Cisco 9800 Wireless LAN Controller SolutionSince new WLCs do not allow adding guest users via SNMP, I have created a new script that uses RESTCONF via HTTPS.Tested on Cisco 9800-CL virtual wire... view more
AP1815, AP1830, AP1850... can't be converted to Mobility Exp...
Created by Rps-Cheers on 12-16-2021 12:25 AM
3
5
3
5
In some cases, there may be an abnormality in one of the part files of these COS APs, which makes it impossible to convert to Mobility Express. At this time, you will encounter the following error.##########################################################... view more
Ask a Question
Create
+ Discussion
+ Blog
+ Document
+ Video
+ Project Story
Find more resources
Discussions
Blogs
Documents
Events
Videos
Project Gallery
New Community Member Guide
Related support document topics
Recognize Your Peers
Spotlight Award Nomination
Content for Community-Ad