Manuals / Brands / Computer Equipment / Network Router / ZyXEL Communications / Computer Equipment / Network Router

ZyXEL Communications NOT AVAILABLE 10.4Rogue AP Containment Commands, 10.4.1 Rogue AP Containment Example

1 300

Download 300 pages, 1.67 Mb

Chapter 10 Rogue AP

Containing a rogue AP means broadcasting unviable login data at it, preventing legitimate wireless clients from connecting to it. This is a kind of Denial of Service attack.

10.4Rogue AP Containment Commands

The following table identifies the values required for many of these commands. Other input values are discussed with the corresponding commands.

Table 40 Input Values for Rogue AP Containment Commands

LABEL	DESCRIPTION
ap_mac	Specifies the MAC address (in XX:XX:XX:XX:XX:XX format) of the AP
	to be contained. The no command removes the entry.

The following table describes the commands available for rogue AP containment. You must use the configure terminal command to enter the configuration mode before you can use these commands.

Table 41 Command Summary: Rogue AP Containment

COMMAND	DESCRIPTION
rogue-ap containment	Enters sub-command mode for rogue AP containment.
[no] activate	Activates rogue AP containment. Use the no parameter
	to deactivate rogue AP containment.
[no] contain ap_mac	Isolates the device associated with the specified MAC
	address. Use the no parameter to remove this device
	from the containment list.
exit	Exits configuration mode for rogue AP containment.
show rogue-ap containment list	Displays the rogue AP containment list.

10.4.1 Rogue AP Containment Example

This example contains the device associated with MAC address 00:13:49:11:11:12 then displays the containment list for confirmation.

Router(config)# rogue-ap containment Router(config-containment)# activate Router(config-containment)# contain 00:13:49:11:11:12 Router(config-containment)# exit

Router(config)# show rogue-ap containment list no. mac

=====================================================================

1 00:13:49:11:11:12

92
92	NXC CLI Reference Guide

Contents

NXC Series Quick Start Guide CLI Reference Guide Default Login Details Page Contents Overview Page Page Page Page Page Page Page Page Page Page Page Command Line Interface 1.1 Overview 1.1.1The Configuration File 1.2Accessing the CLI 1.2.1Console Port 1.2.2Web Configurator Console Page Page 1.2.3 Telnet 1.2.4SSH (Secure SHell) 1.3 How to Find Commands in this Guide 1.4 How Commands Are Explained 1.4.1Background Information 1.4.2Command Input Values 1.4.3 Command Summary 1.5CLI Modes 1.6 Shortcuts and Help 1.6.1 List of Available Commands 1.6.2 List of Sub-commandsor Required User Input 1.6.3 Entering Partial Commands 1.6.4 Entering a ? in a Command 1.6.5 Command History 1.6.6 Navigation 1.6.7 Erase Current Command 1.7 Input Values Page Page 1.8 Saving Configuration Changes 1.9Logging Out Page User and Privilege Modes 2.1 User And Privilege Modes Page 2.1.1 Debug Commands Page Object Reference 3.1 Object Reference Commands 3.1.1 Object Reference Command Example Status 4.1 Status Show Commands Page Page Page Registration 5.1 myZyXEL.com overview 5.1.1Subscription Services Available on the NXC 5.1.2 Maximum Number of Managed APs 5.2 Registration Commands 5.2.1 Command Examples 5.3 Country Code Page Page Page Page Interfaces 6.1 Interface Overview 6.1.1 Types of Interfaces 6.2Interface General Commands Summary 6.2.1 Basic Interface Properties and IP Address Commands Page Page 6.2.2 DHCP Setting Commands Page Page Page 6.2.3 Connectivity Check (Ping-check)Commands 6.3 Ethernet Interface Specific Commands 6.3.1 MAC Address Setting Commands 6.4 Port Commands 6.5 Port Role Commands 6.5.1 Port Role Examples 6.6USB Storage Specific Commands Page 6.6.1 USB Storage General Commands Example 6.7 VLAN Interface Specific Commands Page 6.7.1 VLAN Interface Examples Route 7.1 Policy Route 7.2 Policy Route Commands Page Page 7.2.1 Assured Forwarding (AF) PHB for DiffServ 7.2.2 Policy Route Command Example 7.3 IP Static Route 7.4 Static Route Commands 7.4.1 Static Route Commands Example 7.5 Learned Routing Information Commands 7.5.1 show ip route Command Example Page AP Management 8.1 AP Management Overview 8.2 AP Management Commands Page 8.2.1 AP Management Commands Example Wireless LAN Profiles 9.1 Wireless LAN Profiles Overview 9.2 AP & Monitor Profile Commands Page Page Page Page 9.2.1 AP & Monitor Profile Commands Example 9.3 SSID Profile Commands 9.3.1 SSID Profile Example 9.4 Security Profile Commands Page Page 9.4.1 Security Profile Example 9.5 MAC Filter Profile Commands 9.5.1 MAC Filter Profile Example Rogue AP 10.1 Rogue AP Detection Overview 10.2 Rogue AP Detection Commands 10.2.1 Rogue AP Detection Examples 10.3 Rogue AP Containment Overview 10.4Rogue AP Containment Commands 10.4.1 Rogue AP Containment Example Wireless Frame Capture 11.1 Wireless Frame Capture Overview 11.2 Wireless Frame Capture Commands 11.2.1 Wireless Frame Capture Examples Dynamic Channel Selection 12.1 DCS Overview 12.2 DCS Commands 12.2.1 DCS Examples Page Page Wireless Load Balancing 13.1 Wireless Load Balancing Overview 13.2 Wireless Load Balancing Commands Page 13.2.1 Wireless Load Balancing Examples Page Dynamic Guest 14.1 Dynamic Guest Overview 14.2 Dynamic Guest Commands Page 14.2.1 Dynamic Guest Examples Page Zones 15.1Zones Overview 15.2 Zone Commands Summary 15.2.1 Zone Command Examples Page ALG 16.1 ALG Introduction 16.2 ALG Commands 16.3 ALG Commands Example Captive Portal 17.1 Captive Portal Overview 17.1.1 Web Authentication Policy Commands Page Page 17.1.2 page-customizationCommands RTLS 18.1 RTLS Introduction 18.2 RTLS Commands Page Firewall 19.1 Firewall Overview 19.2 Firewall Commands Page 19.2.1 Firewall Sub-Commands 19.2.2 Firewall Command Examples 19.3 Session Limit Commands Page Page Application Patrol 20.1 Application Patrol Overview 20.2 Application Patrol Commands Summary 20.2.1 Pre-definedApplication Commands 20.2.2 Rule Commands for Pre-definedApplications Page 20.2.3 Exception Commands for Pre-definedApplications 20.2.4 Other Application Commands 20.2.5 Rule Commands for Other Applications 20.2.6General Commands for Application Patrol Page Page Page Anti-Virus 21.1 Anti-VirusOverview 21.2 Anti-virusCommands 21.2.1 General Anti-virusCommands 21.2.2 Zone to Zone Anti-virusRules Page 21.2.3 White and Black Lists Page 21.2.4 Signature Search Anti-virusCommand 21.3 Update Anti-virusSignatures 21.3.1 Update Signature Examples 21.4 Anti-virusStatistics 21.4.1 Anti-virusStatistics Example IDP Commands 22.1 Overview 22.2 General IDP Commands 22.2.1IDP Activation 22.3 IDP Profile Commands 22.3.1 Global Profile Commands 22.3.2IDP Zone to Zone Rules 22.3.3 Editing/Creating IDP Signature Profiles 22.3.4 Editing/Creating Anomaly Profiles Page Page Page 22.3.5 Editing System Protect 22.3.6 Signature Search Page Page 22.4 IDP Custom Signatures 22.4.1 Custom Signature Examples Page Page 22.5 Update IDP Signatures 22.5.1 Update Signature Examples 22.6 IDP Statistics 22.6.1 IDP Statistics Example Device HA 23.1 Device HA Overview 23.1.1Before You Begin 23.2 General Device HA Commands 23.3 Active-PassiveMode Device HA 23.4Active-PassiveMode Device HA Commands 23.4.1 Active-PassiveMode Device HA Commands Page 23.4.2 Active-PassiveMode Device HA Command Example Page User/Group 24.1 User Account Overview 24.1.1 User Types 24.2 User/Group Commands Summary 24.2.1 User Commands 24.2.2 User Group Commands 24.2.3 User Setting Commands Page 24.2.4 MAC Auth Commands 24.2.5 Additional User Commands Page Page Addresses 25.1Address Overview 25.2 Address Commands Summary 25.2.1 Address Object Commands 25.2.2 Address Group Commands Page Services 26.1 Services Overview 26.2 Services Commands Summary 26.2.1 Service Object Commands 26.2.2 Service Group Commands Page Page Schedules 27.1 Schedule Overview 27.2Schedule Commands Summary 27.2.1 Schedule Command Examples AAA Server 28.1 AAA Server Overview 28.2Authentication Server Command Summary 28.2.1 aaa group server ad Commands 28.2.2 aaa group server ldap Commands 28.2.3 aaa group server radius Commands Page 28.2.4 aaa group server Command Example Authentication Objects 29.1 Authentication Objects Overview 29.2 aaa authentication Commands 29.2.1 aaa authentication Command Example 29.3 test aaa Command 29.3.1 Test a User Account Command Example Page Authentication Server 30.1 Authentication Server Overview 30.2 Authentication Server Commands 30.2.1 Authentication Server Command Examples ENC 31.1 ENC Overview 31.2 ENC-AgentCommands Page 31.2.1 ENC-AgentCommand Examples Page Certificates 32.1 Certificates Overview 32.2 Certificate Commands 32.3 Certificates Commands Input Values 32.4 Certificates Commands Summary Page 32.5 Certificates Commands Examples System 33.1 System Overview 33.2 Customizing the WWW Login Page Page 33.3 Host Name Commands 33.4 Time and Date 33.4.1 Date/Time Commands 33.5 Console Port Speed 33.6 DNS Overview 33.6.1 DNS Commands 33.6.2 DNS Command Example System Remote Management 34.1Remote Management Overview 34.1.1 Remote Management Limitations 34.1.2System Timeout 34.2 Common System Command Input Values 34.3 HTTP/HTTPS Commands 34.3.1 HTTP/HTTPS Command Examples 34.4 SSH 34.4.1 SSH Implementation on the NXC 34.4.2 Requirements for Using SSH 34.4.3 SSH Commands 34.4.4 SSH Command Examples 34.5 Telnet 34.6 Telnet Commands 34.6.1 Telnet Commands Examples 34.7 Configuring FTP 34.7.1 FTP Commands 34.7.2 FTP Commands Examples 34.8 SNMP 34.8.1 Supported MIBs 34.8.2 SNMP Traps 34.8.3 SNMP Commands 34.8.4 SNMP Commands Examples 34.9 Language Commands File Manager 35.1 File Directories 35.2Configuration Files and Shell Scripts Overview 35.2.1 Comments in Configuration Files or Shell Scripts 35.2.2Errors in Configuration Files or Shell Scripts 35.2.3 NXC Configuration File Details 35.2.4Configuration File Flow at Restart 35.3 File Manager Commands Input Values 35.4 File Manager Commands Summary 35.5 File Manager Command Example 35.6 FTP File Transfer 35.6.1 Command Line FTP File Upload 35.6.2Command Line FTP Configuration File Upload Example 35.6.3 Command Line FTP File Download 35.6.4 Command Line FTP Configuration File Download Example 35.7 NXC File Usage at Startup 35.8 Notification of a Damaged Recovery Image or Firmware 35.9 Restoring the Recovery Image (NXC5200 Only) Page 35.10 Restoring the Firmware Page 35.11 Restoring the Default System Database Page 35.11.1 Using the atkz -uDebug Command (NXC5200 Only) Page Page Logs 36.1Log Commands Summary 36.1.1 Log Entries Commands 36.1.2 System Log Commands 36.1.3 Debug Log Commands 36.1.4 E-mailProfile Log Commands Page 36.1.5 Console Port Log Commands 36.1.6 Access Point Logging Commands Page Page Reports and Reboot 37.1 Report Commands Summary 37.1.1 Report Commands 37.1.2 Report Command Examples 37.1.3 Session Commands 37.2 Email Daily Report Commands Page 37.2.1 Email Daily Report Example 37.3 Reboot Session Timeout Page Diagnostics 39.1 Diagnostics 39.2 Diagnosis Commands 39.3 Diagnosis Commands Example Page Packet Flow Explore 40.1 Packet Flow Explore 40.2 Packet Flow Explore Commands 40.3 Packet Flow Explore Commands Example Maintenance Tools 41.1 Maintenance Tools Commands Page 41.1.1 Command Examples Page Page Page Watchdog Timer 42.1 Hardware Watchdog Timer 42.2 Software Watchdog Timer 42.3 Application Watchdog 42.3.1 Application Watchdog Commands Example Page Managed AP Commands 43.1 Managed Series AP Commands Overview 43.2 Accessing the AP CLI 43.3 CAPWAP Client Commands 43.3.1 CAPWAP Client Commands Example 43.4 DNS Server Commands 43.4.1 DNS Server Commands Example 43.4.2 DNS Server Commands and DHCP Page List of Commands