Cisco Cisco 5508 Wireless Controller Referencia técnica
15
Rogue Management in a Unified Wireless Network using v7.4
Rogue Management Theory of Operation
Step 2
Custom Rogue Filter Rule is created. If there is rogue device matched by this rogue rule, that rougue
device will be auto-contained.
device will be auto-contained.
Read the document
for more information on rogue rules in the WLCs.
Rogue Mitigation
Rogue Containment
Containment is a method of using over-the-air packets to temporarily interrupt service on a rogue device
until it can physically be removed. Containment works by spoofing de-authentication packets with the
spoofed source address of the rogue AP so that any clients associated are kicked off.
until it can physically be removed. Containment works by spoofing de-authentication packets with the
spoofed source address of the rogue AP so that any clients associated are kicked off.
Rogue Containment Details
A containment initiated on a rogue AP with no clients will only use de-authentication frames sent to the
broadcast address:
broadcast address: