Cisco 5508 Wireless Controller Technical Reference

Rogue Management in a Unified Wireless Network using v7.4
Caveats of RLDP
RLDP only works with open rogue APs that broadcast their SSID with authentication and encryption disabled.
RLDP requires that the Managed AP acting as a client is able to obtain an IP address via DHCP on the rogue network.
Manual RLDP can be used to attempt an RLDP trace on a rogue multiple times.
During the RLDP process, the AP is unable to serve clients. This negatively impacts performance and connectivity for local mode APs. To avoid this, RLDP can be selectively enabled for Monitor Mode APs only.
RLDP does not attempt to connect to a rogue AP operating in a 5 GHz DFS channel.
Switch Port Tracing
Switch port tracing is a rogue AP mitigation technique first implemented in the 5.1 release; with MSE 7.3 and PI 1.2 it later evolved into Auto Switch Port Tracing. Although switch port tracing is initiated at the PI, it uses both CDP and SNMP information to track a rogue down to a specific port in the network. For switch port tracing to run, all switches in the network must be added to the PI with SNMP credentials. Read-only credentials are enough to identify the port the rogue is on, but read-write credentials also allow the PI to shut the port down, thus containing the threat. At this time, this feature works only with Cisco switches that run IOS with CDP enabled, and CDP must also be enabled on the Managed APs.
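A simplified model of the trace described above, as an added example that is not Cisco's or the PI's implementation: it walks constructed CDP neighbor and MAC address table data outward from the detecting AP and reports whether the switch's SNMP credential allows shutting the port or only identifying it. The inventory layout, device names, MAC address, and the assumption that the rogue's wired MAC is already known are all illustrative.

```python
from collections import deque

# Constructed inventory: what a management station could hold per switch after
# SNMP polling. All names, ports and MAC addresses are made up for illustration.
SWITCHES = {
    "access-sw1": {
        "snmp": "ro",  # read-only credential
        "cdp": {"Gi1/0/1": "ap-floor2", "Gi1/0/24": "dist-sw1"},
        "mac_table": {"00:11:22:33:44:55": "Gi1/0/24"},
    },
    "dist-sw1": {
        "snmp": "rw",  # read-write credential
        "cdp": {"Te1/1": "access-sw1", "Te1/2": "access-sw2"},
        "mac_table": {"00:11:22:33:44:55": "Te1/2"},
    },
    "access-sw2": {
        "snmp": "rw",
        "cdp": {"Gi1/0/24": "dist-sw1"},
        "mac_table": {"00:11:22:33:44:55": "Gi1/0/7"},
    },
}

def trace_rogue(rogue_mac, detecting_ap, switches):
    """Follow CDP adjacencies outward from the AP that heard the rogue."""
    # Start at every switch that lists the detecting AP as a CDP neighbor.
    start = [n for n, s in switches.items() if detecting_ap in s["cdp"].values()]
    queue, seen, unmanaged = deque(start), set(start), set()
    while queue:
        name = queue.popleft()
        sw = switches[name]
        port = sw["mac_table"].get(rogue_mac)
        # A port with no CDP neighbor is an edge port: the rogue is wired here.
        if port and port not in sw["cdp"]:
            action = "shut port" if sw["snmp"] == "rw" else "identify only"
            return {"switch": name, "port": port, "action": action}
        for neighbor in sw["cdp"].values():
            if neighbor in switches and neighbor not in seen:
                seen.add(neighbor)
                queue.append(neighbor)
            elif neighbor not in switches and neighbor != detecting_ap:
                unmanaged.add(neighbor)  # not in inventory: cannot be polled
    return {"switch": None, "port": None, "unmanaged": sorted(unmanaged)}

if __name__ == "__main__":
    print(trace_rogue("00:11:22:33:44:55", "ap-floor2", SWITCHES))
```

When a switch on the path is missing from the inventory, the trace ends without a port and names the unmanaged neighbor, which is why every switch has to be added with SNMP credentials.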