Wireless Access

Reply
Contributor II
Posts: 54
Registered: ‎08-29-2010

rogue AP's

Hi,

 

I can see five rogue devices in my controller dashboard, however it seems they are my neighbors AP, how could an AP which is not connected to our lan is shown as Rogue, we use 6.1.3.4 code.

 

Thanks

 

Guru Elite
Posts: 20,788
Registered: ‎03-29-2007

Re: rogue AP's

Type "show wms ap list | include rogue" to find out what access points are labeled as rogues.

 

To find out why, type "show wms rogue-ap <mac address>" to get more details on why.

 



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

MVP
Posts: 2,948
Registered: ‎10-25-2011

Re: rogue AP's

[ Edited ]

That should not happen i guess

You have to first see how that ap was classify as Rogue AP

 

For this you first would like to know the BSSID

 

issue the command

show wms ap list | include rogue

 

You will see the list of ap rogues APS

you retrive the BSSID

 

then you do

 

show wms rogue-ap <bssid>

 

you can post the output maybe we can help you to find out

 

Cheers

Carlos

 

edit

Heh i went out a min and the asnwer was already there :) well since i cannot delete my post ill just leave it there..

----------------------------------------------------
Product Manager - Aruba Networks
Alternetworks Corp
Contributor II
Posts: 54
Registered: ‎08-29-2010

Re: rogue AP's

Rogue AP Info
-------------
Key           Value
---           -----
BSSID         00:0d:97:08:67:6f
SSID          amr
Channel       1
Type          generic-ap
RAP Type      rogue
Status        up
Match Type    Classification-Disabled
Match MAC     00:00:00:00:00:00
Match IP      0.0.0.0
Match AM      OUR AP

Match Method  N/A
Match Time    Sat Sep  1 21:13:46 2012

MVP
Posts: 2,948
Registered: ‎10-25-2011

Re: rogue AP's

Okay thats weird... that match type i never seen before... is not even on the rogue ap guide so i dont know what does that mean....


If i were you i would go to

Maintenaince --->WMS database ---> click on clean old entries

 

What will do is cleaning all the entries you see on discovered APS incluiding all the rogue aps suspected rogue aps etc etc

I think it will ask you to reboot the controller so save your configuration...

 

It it appear AGAIN with that classification i would open a support case to see if Aruba tac can help me knowing what does mean that classification

 

Anyways thats what i would do... you can wait for Cjoseph to see what he says...

 

Cheers

Carlos

----------------------------------------------------
Product Manager - Aruba Networks
Alternetworks Corp
Guru Elite
Posts: 20,788
Registered: ‎03-29-2007

Re: rogue AP's


mgeorge wrote:

Rogue AP Info
-------------
Key           Value
---           -----
BSSID         00:0d:97:08:67:6f
SSID          amr
Channel       1
Type          generic-ap
RAP Type      rogue
Status        up
Match Type    Classification-Disabled
Match MAC     00:00:00:00:00:00
Match IP      0.0.0.0
Match AM      OUR AP

Match Method  N/A
Match Time    Sat Sep  1 21:13:46 2012


That is because you have Rogue AP classification unchecked in the IDS unAuthorized Device Profile.  When you have that unchecked, you are saying that you want to disable classification methods and just mark ALL access points, besides your own, as Rogues.  This is used when you have a space that is totally your own, and you do not expect anything besides your own APs on your controller to be in that space.  Make sure Rogue AP classification is checked so that the normal classification will be used:

 

class.png



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

MVP
Posts: 2,948
Registered: ‎10-25-2011

Re: rogue AP's

Thanks for the info Colllin!

----------------------------------------------------
Product Manager - Aruba Networks
Alternetworks Corp
Contributor II
Posts: 54
Registered: ‎08-29-2010

Re: rogue AP's

Thanks to all, what's that match MAC, why is it all zeros.

Guru Elite
Posts: 20,788
Registered: ‎03-29-2007

Re: rogue AP's

In this situation it does not mean anything. If the ap was discovered on your wired network, that would be the wired mac address discovered for the positive match.


Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Contributor II
Posts: 54
Registered: ‎08-29-2010

Re: rogue AP's

I can assume that AP is not discovered in the wired network and no Outsider AP is connected to my network. I wonder how the controller can classify this as a Rogue. Thank you.

Search Airheads
Showing results for 
Search instead for 
Did you mean: