590
C
26: R
HAPTER
OGUE
Displaying RF
Detection
Information
D
C
ETECTION AND
OUNTERMEASURES
Table 49 IDS and DoS Log Messages (continued)
Message Type
Spoofed AP
Disallowed SSID
detected
AP from disallowed
vendor detected
Client from
disallowed vendor
detected
Interfering client seen
on wired network
You can use the CLI commands listed in Table 50 to display rogue
detection information.
Table 50 Rogue Detection Display Commands
Command
display rfdetect clients
[mac mac-addr]
display rfdetect counters
display rfdetect mobility-domain
[ssid ssid-name | bssid mac-addr]
Example Log Message
AP Mac aa:bb:cc:dd:ee:ff(ssid myssid) is being spoofed.
Received fingerprint 1122343 does not match our
fingerprint 123344.
Detected by listener aa:bb:cc:dd:ee:fd(port 2, radio 1),
channel 11 with RSSI -53.
AP Mac aa:bb:cc:dd:ee:ff(ssid myssid) is not part of
ssid-list.
Detected by listener aa:bb:cc:dd:ee:fd(port 2, radio 1),
channel 11 with RSSI -53.
AP Mac aa:bb:cc:dd:ee:ff(ssid myssid) is not part of
vendor-list.
Detected by listener aa:bb:cc:dd:ee:fd(port 2, radio 1),
channel 11 with RSSI -53.
Client Mac aa:bb:cc:dd:ee:ff is not part of vendor-list.
Detected by listener aa:bb:cc:dd:ee:fd(port 2, radio 1),
channel 11 with RSSI -53.
Client Mac aa:bb:cc:dd:ee:ff is seen on the wired network
by WX 10.1.1.1 on port 3 vlan 2 tag 1. Detected by
listener aa:bb:cc:dd:ee:fd(port 2, radio 1), channel 11 with
RSSI -53.
Description
Displays all wireless clients detected on the
air.
Displays statistics for rogue and Intrusion
Detection System (IDS) activity detected by
the MAPs managed by a WX switch.
Displays information about rogues detected
in a Mobility Domain.
This command is valid only on the Mobility
Domain's seed switch.