I’m looking for some advice on how to setup a way to detect and alarm (snmp/email/or applet) for when a rogue is detected that uses the same SSID as one of the wlans on my network.
I essentially want the feature listed in the auto contain called “Using our SSID” but rather then try countermeasures, it generates a message so we can actually investigate. (auto containment is illegal. I believe the function actually doesn’t run based on our country code).
I am using IOS XE
As a bit of context, this is for a public facility in a busy area so I see hundreds of rogue networks. What happens from time to time is someone will broadcast the same SSID (malicious or just stupidity) as one of the WLANs we have on our system so it causes client problems. I want to get an email when the system sees it so I go an investigate it.