Wireless Access

Reply
Contributor I

How to protect valid SSID

Hi all,

 

I tested WIP feature with protect valid SSID on my testing LAB but some client still connect to interfering AP which config as the same SSID in my test system.

 

I'm running in 6.1.3.2 and below is some configuration

 

IDS Unauthorized Device Profile "Rogue-contain"
-----------------------------------------------
Parameter                                           Value
---------                                           -----
Detect Adhoc Networks                               false
Protect from Adhoc Networks                         false
Detect Windows Bridge                               true
Protect Windows Bridge                              false
Detect Wireless Bridge                              false
Detect Devices with an Invalid MAC OUI              false
MAC OUI detection Quiet Time                        900 sec
Wireless Bridge detection Quiet Time                900 sec
Rogue AP Classification                             true
Overlay Rogue AP Classification                     true
OUI-based Rogue AP Classification                   true
Propagated Wired MAC based Rogue AP Classification  true
Valid Wired MACs                                    N/A
Allow Well Known MAC                                N/A
Rogue Containment                                   false
Suspected Rogue Containment                         false
Suspected Rogue Containment Confidence Level        60
Protect Valid Stations                              false
Detect Station Association To Rogue AP              true
Detect Bad WEP                                      false
Detect Misconfigured AP                             false
Protect Misconfigured AP                            false
Detect Valid SSID Misuse                            true
Protect SSID                                        true
Privacy                                             false
Require WPA                                         false
Detect Unencrypted Valid Clients                    true
Unencrypted Valid Client Detection Quiet Time       900 sec
Valid 802.11g channel for policy enforcement        N/A
Valid 802.11a channel for policy enforcement        N/A
Valid MAC OUIs                                      N/A
Valid and Protected SSIDs                           cppm2-onguard
Protect 802.11n High Throughput Devices             false
Protect 40MHz 802.11n High Throughput Devices       false
Detect Active 802.11n Greenfield Mode               false
Detect Adhoc Network Using Valid SSID               true
Adhoc Network Using Valid SSID Quiet Time           900 sec
Detect Valid Client Misassociation                  true

============================

 

thanks in advance,

 

PS. I have dedicate AM in my test system

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: