Open as PDF
Configuring Rogue Detection Lists 579
The following command clears MAC address 11:22:33:44:55:66 from the
WX4400# clear rfdetect attack-list 11:22:33:44:55:66
success: 11:22:33:44:55:66 is no longer in attacklist.
By default, when countermeasures are enabled, MSS considers any
non-3Com transmitter to be a rogue device and can send
countermeasures to prevent clients from using that device. To prevent
MSS from sending countermeasures against a friendly device, add the
device to the known devices list:
If you add a device that MSS has classified as a rogue to the permitted
vendor list or permitted SSID list, but not to the ignore list, MSS can still
classify the device as a rogue. Adding an entry to the permitted vendor
list or permitted SSID list merely indicates that the device is from an
allowed manufacturer or is using an allowed SSID. However, to cause
MSS to stop classifying the device as a rogue, you must add the device’s
MAC address to the ignore list.
To add a device to the ignore list, use the following command:
set rfdetect ignore mac-addr
The mac-addr is the BSSID of the device you want to ignore.
If you try to initiate countermeasures against a device on the ignore list,
the ignore list takes precedence and MSS does not issue the
countermeasures. Countermeasures apply only to rogue devices.
To ignore BSSID aa:bb:cc:11:22:33 during all RF scans, type the following
WX1200#set rfdetect ignore aa:bb:cc:11:22:33
success: MAC aa:bb:cc:11:22:33 is now ignored.
To remove a BSSID from the ignore list, use the following command:
clear rfdetect ignore mac-addr
To display the ignore list, use the following command:
display rfdetect ignore