Table of Contents
Advertisement
Rogue AP Detection
continues to use this RADIUS server as the primary server, and authentication requests are sent to the address
you specify.
The IPv4 address should be in a form similar to xxx.xxx.xxx.xxx (192.0.2.10). The IPv6 address should be in
a form similar to xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx (2001:DB8::CAD5:7D91).
• Server IP Address-2—The address for the backup RADIUS server for this Ethernet port. If authentication fails
with the primary server, each configured backup server is tried in sequence.
• Key-1—The shared secret key that the WAP device uses to authenticate to the primary RADIUS server. You
can use up to 63 standard alphanumeric and special characters. The key is case sensitive and must match the
key configured on the RADIUS server.
• Key-2—The shared secret key that the WAP device uses to authenticate to the backup RADIUS server.
• Enable RADIUS Accounting—Enables tracking and measuring of the resources a particular user has consumed,
such as system time, amount of data transmitted and received, and so on. If you enable RADIUS accounting, it
is enabled for the primary RADIUS server and all backup servers.
• Active Server —Enables administratively selecting the active RADIUS server, rather than having the WAP
device attempt to contact each configured server in sequence and choose the first server that is up.
• Periodic Re-authentication—Enables EAP re-authentication.
• Re authentication Period— Enter the EAP re-authentication period in seconds. The default is 3600. The valid
range is from 300 to 4294967295 seconds.
• Click OK to save and close the dialogue.
Step 7
Click Apply.
Rogue AP Detection
A Rogue AP is an access point that has been installed on a secure network without explicit authorization from
a system administrator. The rogue AP poses a security threat because anyone with access to the premises can
unconsciously or maliciously install an inexpensive wireless WAP device that can potentially allow unauthorized
parties to access the network.
The WAP device performs a RF scan on all channels to detect all APs in the vicinity of the network. If rogue
APs are detected, they are shown on the Rogue AP Detection page. If an AP listed as a rogue is legitimate, it
can be added to the Known AP List.
Note
The Detected Rogue AP List and Trusted AP List provide information. The AP does not have any control
over the APs on the list and cannot apply any security policies to APs detected through the RF scan.
When the Rogue AP detection is enabled, the radio periodically switches from its operating channel to scan
other channels within the same band.
Cisco WAP150 Wireless-AC/N Dual Radio Access Point with PoE / Cisco WAP361 Wireless-AC/N Dual Radio Wall Plate Access Point with PoE
42
System Configuration
Advertisement
Table of Contents
