Rogue Detection and Countermeasures

Configuring a Permitted SSID List

The permitted SSID list specifies the SSIDs that are allowed on the network. If WSS Software detects packets for an SSID that is not on the list, the AP that sent the packets is classified as a rogue. WSS Software issues countermeasures against the rogue if they are enabled.

By default, the permitted SSID list is empty and all SSIDs are allowed. If you configure a permitted SSID list, WSS Software allows traffic only for the SSIDs that are on the list. The permitted SSID list applies only to the WSS switch on which the list is configured. WSS switches do not share permitted SSID lists.

To add an SSID to the list, use the following command:

set rfdetect ssid-list ssid-name

The following command adds SSID mycorp to the list of permitted SSIDs:

23x0# set rfdetect ssid-list mycorp

success: ssid mycorp is now in ssid-list.

To display the permitted SSID list, use the following command:

show rfdetect ssid-list

The following example shows the permitted SSID list on a WSS switch:

23x0# show rfdetect ssid-list

Total number of entries: 3

SSID
-----------------
mycorp
corporate
guest

To remove an SSID from the permitted SSID list, use the following command:

clear rfdetect ssid-list ssid-name

The following command clears SSID mycorp from the permitted SSID list:

23x0# clear rfdetect ssid-list mycorp

success: mycorp is no longer in ssid-list.
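Because WSS switches do not share permitted SSID lists and an empty list allows every SSID, the lists can drift apart between switches. The following Python sketch is an added example, not part of the Nortel guide: it parses saved show rfdetect ssid-list output from several switches and compares each list with an intended baseline. The switch names, the baseline, and the one-SSID-per-line output layout are assumptions.

```python
import re

# Constructed captures of `show rfdetect ssid-list`, one per switch. The switch
# names and the one-SSID-per-line layout are assumptions made for this example.
CAPTURES = {
    "wss-a": "Total number of entries: 3\nSSID\n-----------------\nmycorp\ncorporate\nguest\n",
    "wss-b": "Total number of entries: 2\nSSID\n-----------------\nmycorp\ncorporate\n",
    "wss-c": "Total number of entries: 0\nSSID\n-----------------\n",
}

def parse_ssid_list(output):
    """Return the SSIDs listed below the dashed rule, checked against the count."""
    total, ssids, in_body = None, [], False
    for ln in (l.strip() for l in output.splitlines() if l.strip()):
        if in_body:
            ssids.append(ln)  # everything after the rule is an SSID entry
        elif (m := re.fullmatch(r"Total number of entries:\s*(\d+)", ln)):
            total = int(m.group(1))
        elif re.fullmatch(r"-{3,}", ln):
            in_body = True
    if total is None or total != len(ssids):
        raise ValueError("entry count does not match listed SSIDs; capture may be truncated")
    return set(ssids)

def audit(captures, baseline):
    """Compare each switch's permitted SSID list with the intended baseline set."""
    findings = {}
    for switch, output in sorted(captures.items()):
        ssids = parse_ssid_list(output)
        if not ssids:
            # An empty list is the default: this switch allows every SSID.
            issues = ["list empty: all SSIDs allowed"]
        else:
            issues = [f"missing {s}" for s in sorted(baseline - ssids)]
            issues += [f"unexpected {s}" for s in sorted(ssids - baseline)]
        if issues:
            findings[switch] = issues
    return findings

if __name__ == "__main__":
    for switch, issues in audit(CAPTURES, {"mycorp", "corporate", "guest"}).items():
        print(switch, "->", "; ".join(issues))
```

A "missing" finding means that switch classifies APs sending the missing SSID as rogues, so review it before enabling countermeasures.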

Nortel WLAN Security Switch 2300 Series Configuration Guide
