Cisco 2100 Series Configuration Manual page 276
Wireless lan controller
Hide thumbs
Also See for 2100 Series:
- Configuration manual (50 pages) ,
- Quick start manual (12 pages) ,
- Configuration manual (40 pages)
Table of Contents
Advertisement
Managing Rogue Devices
Figure 5-43 Rogue Rule > Edit Page
b.
From the Type drop-down box, choose Friendly or Malicious to classify rogue access points
matching this rule as friendly or malicious.
c.
From the Match Operation field, choose one of the following:
•
•
To enable this rule, check the Enable Rule check box. The default value is unchecked.
d.
From the Add Condition drop-down box, choose one or more of the following conditions that the
e.
rogue access point must meet and click Add Condition:
•
•
•
•
•
Cisco Wireless LAN Controller Configuration Guide
5-88
Match All—If this rule is enabled, a detected rogue access point must meet all of the conditions
specified by the rule in order for the rule to be matched and the rogue to adopt the classification
type of the rule.
Match Any—If this rule is enabled, a detected rogue access point must meet any of the
conditions specified by the rule in order for the rule to be matched and the rogue to adopt the
classification type of the rule. This is the default value.
SSID—Requires that the rogue access point have a specific user-configured SSID. If you
choose this option, enter the SSID in the User Configured SSID field, and click Add SSID.
To delete an SSID, highlight the SSID and click Remove.
Note
RSSI—Requires that the rogue access point have a minimum received signal strength indication
(RSSI) value. For example, if the rogue access point has an RSSI that is greater than the
configured value, then the access point could be classified as malicious. If you choose this
option, enter the minimum RSSI value in the Minimum RSSI field. The valid range is –95 to
–50 dBm (inclusive), and the default value is 0 dBm.
Duration—Requires that the rogue access point be detected for a minimum period of time. If
you choose this option, enter a value for the minimum detection period in the Time Duration
field. The valid range is 0 to 3600 seconds (inclusive), and the default value is 0 seconds.
Client Count—Requires that a minimum number of clients be associated to the rogue access
point. For example, if the number of clients associated to the rogue access point is greater than
or equal to the configured value, then the access point could be classified as malicious. If you
choose this option, enter the minimum number of clients to be associated to the rogue access
point in the Minimum Number of Rogue Clients field. The valid range is 1 to 10 (inclusive), and
the default value is 0.
No Encryption—Requires that the rogue access point's advertised WLAN does not have
encryption enabled. If a rogue access point has encryption disabled, it is likely that more clients
will try to associate to it. No further configuration is required for this option.
Chapter 5
Configuring Security Solutions
OL-17037-01
Hide quick links:
Advertisement
Chapters
Table of Contents
Troubleshooting
