Hello Cjoseph
i got a question regarding to this
I got a deployment on a client with the IPS
okay in that client there is a vlan in which they got all the APS and the wireless controller, thats the only thing in that vlan, nothing else.
now i got 2 APS as possible rogue
1 AP is a known AP they got inside their corporation
1 AP that they dont know about it.
Now we have not YET activate or trunk ANY vlan to the APs OR the Wireless controller.(the only vlans that are trunked to the WC are the vlans for the SSIDS that are distributing the Aruba APs.
If i see the second AP they dont know about the SNR is really low 5 or 6 is the number and just 3 APs of all the aps can see it... and they all see it with low number 5, 6 or 7 on the SNR.
Now on the known AP that i we all know there is inside the company, almost all the APS can see it...
and when i run
Suspect Rogue AP Info
---------------------
Key Value
--- -----
BSSID 74:f0:6d:20:da:98
SSID ssidoftheap
Channel 2
Type generic-ap
RAP Type suspected-rogue
Confidence Level 20%
Status up
Match Type AP-Wired-Mac
Match MAC 00:16:43:c4:d0:0e
Match IP 0.0.0.0
Match AM AP_C4
Match Method Exact-Match
Helper AP BSSID 00:00:00:00:00:00
Match Time Mon Feb 27 10:56:09 201
on the wireless controller
i got 3 vlans configured on the WC
vlan 500 the vlan that the administration of the wireless controller is,
vlan 501 internal access
vlan 502 guest access
They put the Known AP(which is not Aruba ap) on vlan 501 for some reason.
They are not trunking any vlan to those APs they just got it on access on the vlan 500
So how its possible for the AP_C4 to detect that from wired?
Even the other Unkown AP i was talking about up, also was detected as suspected rogue... buti manually changed it to interference.
Is there any way to clear the data on the dashboard on the security tab so it reclasify automatically everything AGAIN to see if it keep detecting those APs as rogue and even with Match Type AP-Wired-Mac?
It just that its really odd... and i dont understand...the bigger issue is that i dont manage the network there and the ones that are working with me is the security department, which is not the networking deparment... and they dont have access to anything of this...
The thing is that the mac address i mean this one Match MAC 00:16:43:c4:d0:0e is not on
show wms wired-mac prop-eth-mac
or on show wms system-wired-mac