Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1200
Views
0
Helpful
7
Replies

Rogue containment

pnagpal
Level 1
Level 1

‎07-25-2013 03:14 AM - edited ‎07-04-2021 12:31 AM

Hello All,

How do you manage rogue APs in your setup? I know we can do this easily for wired rogues, how do you manage un-wired rogues especially user's mobile and other items acting as hotspot.

I am sorry if this is asked already.

Thanks,

Pulkit

Labels:
0 Helpful
7 Replies 7

Scott Fella
Hall of Fame
Hall of Fame

‎07-25-2013 03:49 AM

All this is done manually. You shouldn't have rogue containment on and RLDP really should be disabled on client access APs. If you have the time to look for these and hunt them down, then that is what you need to do. To be honest, you can't prevent people from bringing in their own hotspot especially now when a phone can be a hotspot.

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***
0 Helpful

Shaoqin Li
Level 3
Level 3

‎07-25-2013 08:34 AM

what you can do is first classify them. As Scott said RLDP is better running on monitor mode APs.

unless you see some hostile entries like broadcasting same ssid, you primarily need first know how many/ what is constructing the rogue environment.

Sent from Cisco Technical Support iPad App

0 Helpful

Mark Sullivan
Level 1
Level 1

‎07-26-2013 12:04 PM

Since you guys appear to be running RLDP on monitor mode AP's only, can I take it you are successfully running SPT from an access point to detect rogues. What type of Access switches are you using?

found a document

http://www.cisco.com/en/US/customer/docs/wireless/prime_infrastructure/1.3/configuration/guide/admin.html#wp1603927 stating only the following switches are supported: 3750, 3560, 3750E, 3560E, and 2960.

Reason I ask, we're having issues with detection of wired rogue AP's

0 Helpful

katerina.dardoufa
Level 4
Level 4
In response to Mark Sullivan

‎05-22-2020 02:36 AM

Hello to all,

 

years after the initial thread begun, I am having trouble with the detection of wired rogue AP. The rogue AP is detected, as a friendly AP, by an AP in one of our buildings, but SPT running on Prime Infrastructure 3.5 shows it to be connected to a switch in another building.

 

Any ideas?

0 Helpful

patoberli
VIP Alumni
VIP Alumni
In response to katerina.dardoufa

‎05-22-2020 07:39 AM

You might be missing some switches in PI. If the intermediate switches are missing (or unreachable from PI), then it probably shows the "next best" switch.
0 Helpful

Ravi Singh
Level 7
Level 7

‎07-29-2013 12:13 AM

Please see the below link for managing and detecting rouge AP in your network

http://www.cisco.com/en/US/products/ps6366/products_tech_note09186a0080b40901.shtml

0 Helpful

Mark Sullivan
Level 1
Level 1
In response to Ravi Singh

‎07-29-2013 11:34 AM

Thanks, I'll review

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card