06-16-2016 11:53 AM
So our rogue detection on the LAN seemed to previously work when we had our user VLANs trunked to our controller. We have noticed and tested that it doesn't seem to detect anymore after we moved all our different areas to new layer 3 networks, so we can't trunk layer 2 VLANs to the controller anymore. The APs are all still in the user VLAN. Is the only way to detect properly to deploy air monitors, or is there something else we can do?
06-16-2016 08:54 PM
Additionally, any local-to-the-network VLANs need to be trunked to the AMs and APs as well so that those APs and AMs can sniff the other VLAN's traffic. Even though the AM or AP will see dot1q tags, they know how to parse and inspect them.
Sr. Technical Marketing Engineer
06-16-2016 10:30 PM
When the controller sees the MAC address AP via wireless (WiFi) and Wireless (LAN), it is classified as a Rogue AP.
And since the MAC address belongs to Layer 2 (VLAN), as said before, you must have at least one AP in each VLAN, or better, an AM trunked with all VLANs, to be able to detect a rogue AP.
ICT Network & Security Engineer
CCNP R/S | CCNA Security | ACMP|ACDX