cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
120
Views
0
Helpful
1
Replies

Wireless Rogue Same SSID detection and reporting

Alex-Pr
Beginner
Beginner

Hi All,

I’m looking for some advice on how to setup a way to detect and alarm (snmp/email/or applet) for when a rogue is detected that uses the same SSID as one of the wlans on my network.

I essentially want the feature listed in the auto contain called “Using our SSID” but rather then try countermeasures, it generates a message so we can actually investigate.  (auto containment is illegal. I believe the function actually doesn’t run based on our country code).

I am using IOS XE

 

As a bit of context, this is for a public facility in a busy area so I see hundreds of rogue networks.  What happens from time to time is someone will broadcast the same SSID (malicious or just stupidity) as one of the WLANs we have on our system so it causes client problems.  I want to get an email when the system sees it so I go an investigate it.  

Thanks you!!

 

1 Reply 1

marce1000
VIP Expert VIP Expert
VIP Expert

 

  >... when a rogue is detected that uses the same SSID as one of the wlans on my network.
 - You should focus on rogue detection in  general : https://www.cisco.com/c/en/us/td/docs/wireless/controller/9800/config-guide/b_wl_16_10_cg/managing-rogue-devices.html

     Also consider https://www.cisco.com/c/en/us/td/docs/wireless/controller/9800/config-guide/b_wl_16_10_cg/managing-rogue-devices.html#id_136347

 M.

   



-- ' 'Good body every evening' ' this sentence was once spotted on a logo at the entrance of a Weight Watchers Club !
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Recognize Your Peers