How to Make the AP Learn the Gateway MAC if It Is HSRP/VRRP
By default we ignore gateway MACs that are VRRP or HSRP addresses, and because of this we may end up detecting the AP as a suspect rogue with 20% (matched just on Ethernet MAC).
If two enterprise-class companies share the same location, it is very possible that both use Cisco HSRP or VRRP for the router address, so we could incorrectly determine that an AP is a rogue if the customer next door just happens to have an HSRP interface that matches your own.
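The collision described above happens because HSRP and VRRP virtual MACs are a fixed protocol prefix plus the group number, so unrelated networks using the same group share the same gateway MAC. The Python below is an added example, not taken from the original article or from the controller software, that recognizes these addresses and flags gateway matches that cannot be treated as unique; the function names and sample addresses are constructed for illustration.

```python
import re

# Well-known first-hop-redundancy virtual MAC prefixes (protocol-defined,
# identical on every network that uses the same group / VRID).
_PATTERNS = [
    ("HSRPv1", re.compile(r"^00000c07ac([0-9a-f]{2})$")),
    ("HSRPv2", re.compile(r"^00000c9ff([0-9a-f]{3})$")),
    ("VRRP-IPv4", re.compile(r"^00005e0001([0-9a-f]{2})$")),
    ("VRRP-IPv6", re.compile(r"^00005e0002([0-9a-f]{2})$")),
]

def normalize(mac):
    """Strip separators (':', '-', '.') and lower-case; reject malformed input."""
    digits = re.sub(r"[:\-.]", "", mac.strip()).lower()
    if not re.fullmatch(r"[0-9a-f]{12}", digits):
        raise ValueError(f"not a MAC address: {mac!r}")
    return digits

def classify(mac):
    """Return (protocol, group_id) for a virtual gateway MAC, else None."""
    digits = normalize(mac)
    for proto, pattern in _PATTERNS:
        m = pattern.match(digits)
        if m:
            return proto, int(m.group(1), 16)
    return None

def shared_virtual_macs(our_gateways, seen_on_air):
    """Our virtual gateway MACs that were also seen behind an unknown AP.
    A match on one of these alone does not prove the AP is on our wire."""
    ours = {normalize(m) for m in our_gateways if classify(m)}
    hits = {}
    for bssid, wired_mac in seen_on_air:
        d = normalize(wired_mac)
        if d in ours:
            hits.setdefault(d, []).append(bssid)
    return hits

# Constructed sample data: our routers and (AP BSSID, wired-side MAC) pairs.
OUR_GATEWAYS = ["00:00:0c:07:ac:01", "00-00-5E-00-01-0A", "a4:1f:72:11:22:33"]
SEEN = [("de:ad:be:ef:00:01", "0000.0c07.ac01"),
        ("de:ad:be:ef:00:02", "a4:1f:72:11:22:33")]

if __name__ == "__main__":
    for mac in OUR_GATEWAYS:
        print(mac, "->", classify(mac))
    print(shared_virtual_macs(OUR_GATEWAYS, SEEN))
```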
To be done
We have to enable the following option in IDS for the AP to learn the gateway if it’s configured as HSRP:
ids unauthorized-device-profile "default"