Wireless Access

last person joined: 6 hours ago 

Access network design for branch, remote, outdoor and campus locations with Aruba access points, and mobility controllers.
Expand all | Collapse all

Rogue AP

Jump to Best Answer
  • 1.  Rogue AP

    Posted Apr 30, 2016 02:38 PM

    Hi,

     

    Once if the Rogue AP has been contained on Airwave, is there a possibility of this same Rogue AP being detected by some other Discovering AP?

     

    Regards,

    Mona

     



  • 2.  RE: Rogue AP

    Posted Apr 30, 2016 02:40 PM
    Absolutely


  • 3.  RE: Rogue AP

    Posted Apr 30, 2016 02:46 PM
    Hi cjoseph,

    If Yes, then what is the whole point of us blocking the Rogue AP on
    Airwave?, How can we stop it from getting associated with other AP's that
    are registered with Aruba?

    Regards,
    Mona


  • 4.  RE: Rogue AP
    Best Answer

    Posted Apr 30, 2016 02:56 PM
    Airwave will signal to the LAN controller to block access to it. Airwave will still report what access points can see it.


  • 5.  RE: Rogue AP

    Posted Apr 30, 2016 02:59 PM
    Hi Cjoseph,

    Thank you for the information.

    Regards,
    Mona


  • 6.  RE: Rogue AP

    Posted May 03, 2016 03:45 AM

    Hi,

    Containig the Rogue AP will stop connecting to the SSID which is broadcasted by the rogue ap.
    For example if the enterprise ssid is 'test1'
    and the rogue ssid is 'test2'.
    People will not have accesss to test2 ?

    Containing rogue ap can reduce co channel interference if they are using the same channel ?

    Thanks



  • 7.  RE: Rogue AP

    Posted May 03, 2016 05:12 AM

    Typically it would only contain the SSID targeted by the containment, because it is per BSSID or wireless mac address.

     

    Containing rogue APs might or might not reduce co-channel interference, but nobody contains rogue APs for that purpose.

     

    Please see the warning here:  http://community.arubanetworks.com/t5/Wireless-Access/The-FCC-has-clarified-their-stance-on-wireless-containment-but/m-p/226342#M46143

     



  • 8.  RE: Rogue AP

    Posted May 03, 2016 06:24 AM

    Hi

    "Containing rogue APs might or might not reduce co-channel interference".

    Can you tell hows that possible 



  • 9.  RE: Rogue AP

    Posted May 03, 2016 06:44 AM

    Cochannel interference typically depends on  the volume of traffic.  If a rogue access point is not passing much traffic, containing it might generate more traffic and not reduce cochannel interference much.  I am not convinced that containing a rogue access point to avoid cochannel interference is a good strategy;  rogue access points are mainly contained for a security purpose.  The link also mentions that rogue containment could be illegal under certain circumstances.  It is not worth it to avoid cochannel interference when that does not always happen.



  • 10.  RE: Rogue AP

    Posted May 03, 2016 04:31 PM

    Hi Cj ,

    it s becoming more clear  . i had lot of misunderstanding about rogue  access point  . Thank you for cleaing . 

    Now if you could provide little more clarification about your below statment 

     

    "f a rogue access point is not passing much traffic, containing it might generate more traffic and not reduce cochannel interference much" 

     

    can you tell how is that happens ?

     

    Second 

    How airwave stops clients connecting to a rogue ap  

     

    Third 

    Can we define  a portable ap as a rogue ? .Or rogue means someone plug his ap to our lan and start misuse dhcp  ? Or  ap using the same ssid which  i am using in my network  ? 

     

    What are other ways to eliminate or mitigate rogues 

     

    Thanks

     

     

     

     

     

     



  • 11.  RE: Rogue AP

    Posted May 03, 2016 04:55 PM

    @kpaly wrote:

    Hi Cj ,

    it s becoming more clear  . i had lot of misunderstanding about rogue  access point  . Thank you for cleaing . 

    Now if you could provide little more clarification about your below statment 

     

     

    "f a rogue access point is not passing much traffic, containing it might generate more traffic and not reduce cochannel interference much" 

     <Containing Rogue APs involve deauths and if enough devices try to connect to it, it involves more deauths, which increases traffic>

     

    can you tell how is that happens ?

     

    Second 

    How airwave stops clients connecting to a rogue ap  

     <Airwave only signals the controller to deauth an AP.  It does not do the deauths itself>

     

    Third 

    Can we define  a portable ap as a rogue ? .Or rogue means someone plug his ap to our lan and start misuse dhcp  ? Or  ap using the same ssid which  i am using in my network  ? 

     <You can classify any AP as a rogue.  Airwave or the controller will detect APs on the local LAN and classify them as rogues.  Airwave or the controller can optionally contain rogues if the administrator configures Airwave or the controller to do so>.

     

    What are other ways to eliminate or mitigate rogues 

     <Secure your LAN ports is the best way.  The most practical way is to look at the devices that your controller and/or airwave classify as rogues>.

     

    Thanks