Chapter 9 Configuring Radio Resource Management

Configuring Dynamic RRM

Using the CLI to Enable Rogue Access Point Detection

Follow these steps to enable rogue access point detection using the CLI.

Step 1 Make sure that each controller in the RF group has been configured with the same RF group name.

Note The name is used to verify the authentication IE in all beacon frames. If the controllers have different names, false alarms will occur.

Step 2 Enter config ap mode local Cisco_AP or config ap mode monitor Cisco_AP to configure this particular access point for local (normal) mode or monitor (listen-only) mode.

Step 3 Repeat Step 2 for every access point connected to the controller.

Step 4 Enter config wps ap-authenticationto enable rogue access point detection.

Step 5 Enter config wps ap-authenticationthreshold to specify when a rogue access point alarm is generated. An alarm occurs when the threshold value (which specifies the number of access point frames with an invalid authentication IE) is met or exceeded within the detection period.

Note The valid threshold range is from1 to 255, and the default threshold value is 1. To avoid false alarms, you may want to set the threshold to a higher value.

Step 6 Repeat Step 4 and Step 5 on every controller in the RF group.

Note If rogue access point detection is not enabled on every controller in the RF group, the access points on the controllers with this feature disabled are reported as rogues.

Configuring Dynamic RRM

The controller is preconfigured with factory default RRM settings designed to optimize radio performance. However, you can modify the controller’s dynamic RRM configuration parameters at any time through either the GUI or the CLI.

Note You can configure these parameters on an individual controller that is not part of an RF group or on RF group members.

Note The RRM parameters should be set to the same values on every controller in an RF group. The RF group leader can change at any time. If the RRM parameters are not identical for all RF group members, varying results can occur when the group leader changes.

Cisco Wireless LAN Controller Configuration Guide

 

OL-8335-02

9-15

 

 

 

Page 171
Image 171
Cisco Systems OL-8335-02 manual Configuring Dynamic RRM, Using the CLI to Enable Rogue Access Point Detection