Command Groups
Rogue AP Commands
ʺRogue APʺ describes an access point that is not authorized to participate on the network. It may not have the proper security settings in place. Rogue APs can potentially allow unauthorized users access to the network. In addition, a legitimate client may mistakenly associate to a Rogue AP with invalid encryption settings and not to the AP that has been configured for it to use. This can cause a denial of service problem.
This feature scans the airwaves and collects information about access points in the area. It lists neighbor access points found during the scan in the Neighbor AP Detection Status page after the scan is complete.
In addition, if RADIUS is enabled, it performs a RADIUS server look up for the MAC address of each access point found. It reports access points whose MAC addresses it finds in the RADIUS server in the Neighbor AP Detection status list. It reports access points whose MAC addresses it does not find as rogue APs in the syslog.
Use the commands described in Table A‐16 to configure and use rogue AP.
Table A-17 Rogue AP Commands
Command | Function | Mode | Page |
|
|
|
|
Enables the rogue AP feature on the | GC | ||
| radio interfaces. |
|
|
|
|
|
|
Sets amount of time to scan each | GC | ||
| frequency channel. |
|
|
|
|
|
|
Sets amount of time to make frequency | GC | ||
interduration | channels active to clients. |
|
|
Sets amount of time between scans. | GC | ||
Scans the specified radio interface for | GC | ||
| rogue access points and for neighbors. |
|
|
|
|
|
|
| Enables the access point to identify | GC |
|
| rogue APs by performing a RADIUS |
|
|
| server look up of the MAC addresses of |
|
|
| all access points it finds during a scan. |
|
|
rogue-ap scan
rogue-ap sortmode
Scans all interfaces for rogue APs. | GC | |
|
|
|
Specifies the parameter by which the | GC | |
rogue ap report sorts the list of APs for |
|
|
display. |
|
|
show | Displays rogue AP feature settings and | Exec | |
| results of rogue AP scan. |
|
|
|
|
|
|