Cisco Systems 3.2 Manual De Usuario
9-12
Cisco Wireless LAN Controller Configuration Guide
OL-8335-02
Chapter 9 Configuring Radio Resource Management
Enabling Rogue Access Point Detection
Enabling Rogue Access Point Detection
After you have created an RF group of controllers, you need to configure the access points connected to
the controllers to detect rogue access points. The access points will then check the beacon/
probe-response frames in neighboring access point messages to see if they contain an authentication
information element (IE) that matches that of the RF group. If the check is successful, the frames are
authenticated. Otherwise, the authorized access point reports the neighboring access point as a rogue,
records its BSSID in a rogue table, and sends the table to the controller.
the controllers to detect rogue access points. The access points will then check the beacon/
probe-response frames in neighboring access point messages to see if they contain an authentication
information element (IE) that matches that of the RF group. If the check is successful, the frames are
authenticated. Otherwise, the authorized access point reports the neighboring access point as a rogue,
records its BSSID in a rogue table, and sends the table to the controller.
Using the GUI to Enable Rogue Access Point Detection
Follow these steps to enable rogue access point detection using the GUI.
Step 1
Make sure that each controller in the RF group has been configured with the same RF group name.
Note
The name is used to verify the authentication IE in all beacon frames. If the controllers have
different names, false alarms will occur.
different names, false alarms will occur.
Step 2
Click Wireless to access the All APs page (see
Figure 9-5
All APs Page
Step 3
Click the Detail link for an access point to access the All APs > Details page (see