Wireless Access

Reply
Occasional Contributor II

Poisoning the AP remotely

I have RAP's deployed at remote site and connects to controllers via public connection. Is there a way to poison a RAP (remove configs) remotely even if its not live on network. If yes, please let me know the procedure. Thanks

Retired Employee

Re: Poisoning the AP remotely

You can re-provision the RAP with a non-existent controller IP, but it has to be online on the controller for the re-provisioning to work.

If you want to remove entire configuration then you should reset the RAP for which you need physical access to the RAP.

Hope that answers your question.

Regards,
--
--
HT
Occasional Contributor II

Re: Poisoning the AP remotely

Thanks for your reply. Actually, I am very much aware about re-provisioning the RAP while its live on network or removing the configs by getting into AP's console/hard reset to factory defaults.

 

I was looking to poison the RAP while its in offline mode. I believe this is not possible and AP has to be online to modify the configs.

Contributor I

Re: Poisoning the AP remotely

We have come up with a procedure that accomplishes this to some extent.

 

Create an AP group called "DisabledAP" or something similar.  Configure it with the following settings:

 

  rf dot11a-radio-profile "A_disabled"

     no radio-enable

  !

  rf dot11g-radio-profile "G_disabled"

     no radio-enable

  !

  ap wired-port-profile "Locked"

     shutdown

  !

  ap-group "DisabledAP"

     dot11a-radio-profile "A_disabled"

     dot11g-radio-profile "G_disabled"

     enet1-port-profile "Locked"

 

 

Then from the RAP Provisioning page, put the RAP in that group.  The next time the AP comes online, it will receive a new configuration which disables the ethernet1 port and both radios.

 

Does that accomplish your goal?

 

 

 

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: