11-35
Cisco Wireless LAN Controller Configuration Guide
OL-17037-01
Chapter 11 Configuring Radio Resource ManagementWireless Device Access
Enabling Rogue Access Point Detection in RF Groups
Step 4 Choose either local or monitor from the AP Mode drop-down box and click Apply to commit your
changes.
Step 5 Click Save Configuration to save your changes.
Step 6 Repeat Step 2 through Step 5 for every access point connected to the controller.
Step 7 Click Security > Wireless Protection Policies > AP Authentication/MFP to open the AP
Authentication Policy page (see Figure 11-12).
Figure 11-12 AP Authentication Policy Page
The name of the RF group to which this controller belongs appears at the top of the page.
Step 8 Choose AP Authentication from the Protection Type drop-down box to enable rogue access point
detection.
Step 9 Enter a number in the Alarm Trigger Threshold edit box to specify when a rogue access point alarm is
generated. An alarm occurs when the threshold value (which specifies the number of access point frames
with an invalid authentication IE) is met or exceeded within the detection period.
Note The valid threshold range is from1 to 255, and the default threshold value is 1. To avoid false
alarms, you may want to set the threshold to a higher value.
Step 10 Click Apply to commit your changes.
Step 11 Click Save Configuration to save your changes.
Step 12 Repeat this procedure on every controller in the RF group.
Note If rogue access point detection is not enabled on every controller in the RF group, the access
points on the controllers with this feature disabled are reported as rogues.
To Next Page
Loading...
Need help?
General
