Filter
Top Products
Rogue AP Detection Commands
BreezeMAX Wi² and BreezeACCESS Wi² System Manual 231
5.19 Rogue AP Detection Commands
A “rogue AP” is either an AP that is not authorized to participate in the wireless
network, or an AP that does not have the correct security configuration. Rogue
APs can potentially allow unauthorized users access to the network. Alternatively,
client stations may mistakenly associate to a rogue AP and be prevented from
accessing network resources. Rogue APs may also cause radio interference and
degrade the wireless LAN performance.
The AP can be configured to periodically scan all radio channels and find other
APs within range. A database of nearby APs is maintained where any rogue APs
can be identified.
5.19.1 rogue-ap enable
This command enables the periodic detection of nearby APs. Use the no form to
disable periodic detection.
Syntax
[no] rogue-ap enable
Default Setting
Disabled
Command Mode
Interface Configuration (Wireless)
Command Usage
• While the AP scans a channel for rogue APs, wireless clients will not be able to connect to the
AP. Therefore, avoid frequent scanning or scans of a long duration unless there is a reason to
believe that more intensive scanning is required to find a rogue AP.
• A “rogue AP” is either an AP that is not authorized to participate in the wireless network, or an AP
that does not have the correct security configuration. Rogue APs can be identified by unknown
BSSID (MAC address) or SSID configuration. A database of nearby sh
• s should therefore be maintained on a RADIUS server, allowing any rogue APs to be identified
(see
“rogue-ap authenticate” on page 232). The rogue AP database can be viewed using
Table 5-18: Rogue AP Detection Commands
Command Function Mode Page
rogue-ap enable Enables the periodic detection of other nearby APs GC 231
rogue-ap authenticate Enables identification of all APs GC 232
rogue-ap duration Sets the duration that all channels are scanned GC 232
rogue-ap interval Sets the time between each scan GC 233
rogue-ap scan Forces an immediate scan of all radio channels GC 233
show rogue-ap Shows the current database of detected APs Exec 234