Wireless Access

Reply
Contributor II

Wired Rogue AP

Helo,

 

I am looking through the USer guide for 3.2 and 6.1 OS and I could not find the specifics on how to configure detecting a wired rogue AP. It does say something about gateways and switches but does not go further into the detail. How does wired rogue AP detection work? How can it be configured? We are using 6.1 OS. Thanks.

 

 

Guru Elite

Re: Wired Rogue AP

You should not have to configure it.

 

With only the base license (without the RF Protect License), you just need to make sure that there is an access point on every layer2 wired subnet you want to protect, and make sure each access point would be able to "hear" rogue APs in your environment.

 

WITH the RFprotect license, you can run the WIPs Wizard to provide additional functionality to Rogue AP detection.

 



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Contributor II

Re: Wired Rogue AP

Hi,

 

We have the RF protect license. So if I wire an AP to a switch that contains VLAN 1 only for example (all ports are in VLAN 1), then any broadcast will be heard by the AP and sent to the controller? If so, will the controller automatically learn what is a rogue AP just because it hears the OUI and MAC address both on the wireless and wired side? 

Guru Elite

Re: Wired Rogue AP


baboyero wrote:

Hi,

 

We have the RF protect license. So if I wire an AP to a switch that contains VLAN 1 only for example (all ports are in VLAN 1), then any broadcast will be heard by the AP and sent to the controller? If so, will the controller automatically learn what is a rogue AP just because it hears the OUI and MAC address both on the wireless and wired side? 


1.  yes.

2.  yes



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Contributor II

Re: Wired Rogue AP

We have about 100-160 vlans within our network and potentially anyone can plug in a rogue AP into one of our switch ports. Can the 100-160 VLANs within the maximum number of VLANs an Aruba 6000 controller can handle for rogue AP detection? What performance degradation should we concerned about? Thanks.  

Re: Wired Rogue AP

You can probably trunk all vlans to a port-channel which would effectively allow your APs to hear on all VLANS.

 

In terms of performance degradation, I am unsure.

 

Why so many vlans?

Pasquale Monardo | Senior Network Solutions Consultant
ACDX #420 | ACMP
[If you found my post helpful, please give kudos!]
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: