Using the Command Line Interface

The rogue AP database can be viewed using the show rogue-apcommand.

The access point sends Syslog messages for each detected access point during a rogue AP scan.

Example

Outdoor

11a

Building

to

Building (if-wireless

g)#rogue-ap enable

configure either syslog

or trap or both to receive the rogue APs detected.

Outdoor

11a

Building

to

Building (if-wireless

g)#

rogue-ap authenticate

This command forces the unit to authenticate all access points on the network. Use the no form to disable this function.

Syntax

[no] rogue-ap authenticate

Default Setting

Disabled

Command Mode

Interface Configuration (Wireless)

Command Usage

Enabling authentication in conjunction with a database of approved access points stored on a RADIUS server allows the access point to discover rogue APs. With authentication enabled and a configure RADIUS server, the access point checks the MAC address/Basic Service Set Identifier (BSSID) of each access point that it finds against a RADIUS server to determine whether the access point is allowed. With authentication disabled, the access point can identify its neighboring access points only; it cannot identify whether the

6-135

Page 247
Image 247
3Com WL-575, 3CRWEASYA73 manual Rogue-ap authenticate, Syntax No rogue-ap authenticate Default Setting