Using The Cli To Configure Rogue Ap Detection - Enterasys RoamAbout RBT-4102 Configuration Manual
Wireless access point
Hide thumbs
Also See for RoamAbout RBT-4102:
- Installation manual (78 pages) ,
- Installation manual (72 pages) ,
- Installation manual (50 pages)
Table of Contents
Advertisement
•
RADIUS Authentication enables the access point to discover rogue access points. Enabling
RADIUS Authentication causes the access point to check the MAC address/Basic Service Set
Identifier (BSSID) of each access point that it finds against a RADIUS server to determine
whether the access point is allowed. With RADIUS authentication disabled, the access point
can identify its neighboring access points only; it cannot identify whether the access points are
allowed or are rogues. If you enable RADIUS authentication, you must configure a RADIUS
server for this access point.
•
AP Scan Interval specifies the wait‐time between scans. Range: 30 to 10080 minutes. Default:
720 minutes between scans.
•
AP Scan Duration sets the length of time for each rogue AP scan. A long scan duration time
will detect more access points in the area, but causes more disruption to client access. Range:
100‐ 1000 milliseconds. Default: 350 milliseconds.
•
Scan Now button starts an immediate rogue AP scan for the specified radio interface.
•
Scan All button scans for all 802.11a and 802.11b/g interfaces.
Note: When the access point scans a channel for neighbor AP's, wireless clients will not be able to
connect to the access point. Frequent scanning, or scans, of a long duration will degrade the
access points performance. Therefore, avoid frequent scanning, or scans, of long duration unless
there is a reason to believe that more intensive scanning is required to find a rogue AP.
Using the CLI to Configure Rogue AP Detection
Use the rogue‐ap command to detect neighboring access points and access points that are not
authorized to participate on the network. Use the interface‐a command to set access point
detection parameters for 802.11a interfaces. Use the interface‐g command to set access point
detection parameters for 802.11b/g interfaces. Set up the rogue AP feature by specifying the scan
duration; interduration (amount of time to make frequency channels active to clients); and the
interval between scans. To use rogue AP detection, enable radius authentication using the radius
command. To initiate a Rogue AP scan for all interfaces, use the scan command. Use the show
rogue‐ap command from the Executive mode to view interface‐a and interface‐g settings and to
view scan results for both interfaces.
Example
RoamAbout 4102#configure
Enter configuration commands, one per line. End with CTRL/Z
RoamAbout 4102(config)#rogue-ap radius enable
RoamAbout 4102(config)#rogue-ap interface-g enable
configure either syslog or trap or both to receive the rogue APs detected.
RoamAbout 4102(config)#rogue-ap interface-g duration 200
RoamAbout 4102(config)#rogue-ap interface-g interval 120
RoamAbout 4102(config)#rogue-ap interface-g interduration 2000
RoamAbout 4102(config)#rogue-ap interface-g scan
RoamAbout 4102(config)#exit
RoamAbout 4102#show rogue-ap
802.11a : Rogue AP Setting
========================================================================
Rogue AP Detection
Rogue AP Authentication
Rogue AP Scan Interval
Rogue AP Scan Duration
Rogue AP Scan InterDuration: 3000 milliseconds
: Disabled
: Enabled
: 720 minutes
: 350 milliseconds
RoamAbout RBT-4102 Wireless Access Point Configuration Guide 4-27
Rogue AP Detection
Hide quick links:
Advertisement
Table of Contents
