I work in a large enviorment with roughly 150 sites (most in the U.S). We have 2 controllers in our data center (3600 & 600) which all of our AP's register to. The corporate office had an auditor come in to evaluate our network security & discovered 11 rogue AP's which are listed in our 6000 controller. I was looking at official Aruba documentation & read that in order for an AP to be classified as a rogue AP that the Aruba AP must scan the wired network looking for mac addresses, routers & gateways. I also read that the rogue AP must be physically connected to the same wired vlan as the Aruba AP. The Aruba document does not mention how an Aruba controller admin can determine which Aruba AP's were responsible for classifying a rogue AP. If I could find out which Aruba AP in my enviorment made classifications for the rogue AP's in the list, it would help me locate the 11 rogue AP's. Can anyone tell me how to find that out? Or how to find the IP addresses/macs the Aruba AP used to classify a rogue AP? Again I work in an extremely large enviorment and dont have access to most of the switches in our networks. Please help!