cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1839
Views
9
Helpful
4
Replies
Highlighted
Beginner

Wildcard or Regex in Rogue AP Rules

I am searching for a solution to automatically classify RogueAPs starting with a known string as friendly.

I.e. all SSID is starting with TEST (i.e. TESTn3Tw0rk) should be classified as friendly.

I already tried to setup a Rogue-AP-Policy containing User configured SSID "TEST*" and "TEST.*" but that didn't work.

1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted

Hi 

You simply need to add sub-string condition that you want to treat as "friendly rogue" without any regular expression. In below case any SSID containing "Virus" keyword will treat as Friendly External Rogue.

 

 

Refer below config guide for more detail

  • SSID Wildcard—Requires that the rogue access point have a substring of the specific user-configured SSID. The controller searches the substring in the same occurrence pattern and returns a match if the substring is found in the whole string of an SSID.

http://www.cisco.com/c/en/us/td/docs/wireless/controller/8-0/configuration-guide/b_cg80/b_cg80_chapter_0111011.html

HTH

Rasika

**** Pls rate all useful responses ****

View solution in original post

4 REPLIES 4
Highlighted
VIP Mentor

What is the WLC software version ? This feature added in 7.5.x & I hope you running a code (7.6.x. or 8.0.x) that supported this feature.

http://www.cisco.com/c/en/us/td/docs/wireless/controller/release/notes/crn75.html

In the earlier releases, you could create rogue policy rules based on SSID, but the SSID had to be an exact match. In this release, you can create rogue policy rules based on wildcard SSID, where the rule is enforced by any SSID that contains the wildcard SSID string. You can configure up to 25 wildcard rule per rogue rule.

HTH

Rasika

**** Pls rate all useful responses ****

Highlighted

The controller runs 7.6.130

Maybe its my fault using whe wrong.

Whats the right way to use the wildcard (which char is the right one?)

Does it accept any regex?

 

Regards - Andreas

Highlighted

Hi 

You simply need to add sub-string condition that you want to treat as "friendly rogue" without any regular expression. In below case any SSID containing "Virus" keyword will treat as Friendly External Rogue.

 

 

Refer below config guide for more detail

  • SSID Wildcard—Requires that the rogue access point have a substring of the specific user-configured SSID. The controller searches the substring in the same occurrence pattern and returns a match if the substring is found in the whole string of an SSID.

http://www.cisco.com/c/en/us/td/docs/wireless/controller/8-0/configuration-guide/b_cg80/b_cg80_chapter_0111011.html

HTH

Rasika

**** Pls rate all useful responses ****

View solution in original post

Highlighted

I missed this option in CPI but found it directly on the controller GUI.

using SSID Wildcard works.

After upgrading CPI to 2.2 this option is availlable, too.

Content for Community-Ad