cancel
Showing results for 
Search instead for 
Did you mean: 
cancel

Wildcard or Regex in Rogue AP Rules

Andreas Jaeger
Beginner
Beginner

I am searching for a solution to automatically classify RogueAPs starting with a known string as friendly.

I.e. all SSID is starting with TEST (i.e. TESTn3Tw0rk) should be classified as friendly.

I already tried to setup a Rogue-AP-Policy containing User configured SSID "TEST*" and "TEST.*" but that didn't work.

1 ACCEPTED SOLUTION

Accepted Solutions

Hi 

You simply need to add sub-string condition that you want to treat as "friendly rogue" without any regular expression. In below case any SSID containing "Virus" keyword will treat as Friendly External Rogue.

 

 

Refer below config guide for more detail

  • SSID Wildcard—Requires that the rogue access point have a substring of the specific user-configured SSID. The controller searches the substring in the same occurrence pattern and returns a match if the substring is found in the whole string of an SSID.

http://www.cisco.com/c/en/us/td/docs/wireless/controller/8-0/configuration-guide/b_cg80/b_cg80_chapter_0111011.html

HTH

Rasika

**** Pls rate all useful responses ****

View solution in original post

4 REPLIES 4

Rasika Nayanajith
VIP Mentor VIP Mentor
VIP Mentor

What is the WLC software version ? This feature added in 7.5.x & I hope you running a code (7.6.x. or 8.0.x) that supported this feature.

http://www.cisco.com/c/en/us/td/docs/wireless/controller/release/notes/crn75.html

In the earlier releases, you could create rogue policy rules based on SSID, but the SSID had to be an exact match. In this release, you can create rogue policy rules based on wildcard SSID, where the rule is enforced by any SSID that contains the wildcard SSID string. You can configure up to 25 wildcard rule per rogue rule.

HTH

Rasika

**** Pls rate all useful responses ****

The controller runs 7.6.130

Maybe its my fault using whe wrong.

Whats the right way to use the wildcard (which char is the right one?)

Does it accept any regex?

 

Regards - Andreas

Hi 

You simply need to add sub-string condition that you want to treat as "friendly rogue" without any regular expression. In below case any SSID containing "Virus" keyword will treat as Friendly External Rogue.

 

 

Refer below config guide for more detail

  • SSID Wildcard—Requires that the rogue access point have a substring of the specific user-configured SSID. The controller searches the substring in the same occurrence pattern and returns a match if the substring is found in the whole string of an SSID.

http://www.cisco.com/c/en/us/td/docs/wireless/controller/8-0/configuration-guide/b_cg80/b_cg80_chapter_0111011.html

HTH

Rasika

**** Pls rate all useful responses ****