Controllerless Networks

Occasional Contributor II

Airwave + IAP rouge containment



My boss asked about what we can do about true rouge AP 

1. we can detect with the IDS rules, I have this working on our entire deployment 

2. in our LAB I want to test that if our ssid test-123 and some set "test-123" or similar we can do a Manual contain (for example test-456 should alert)

3. I have my phone doing a fake "test-123" or "test-456"


Air wave detected as a rouge, i manually set to "contain" 


however nothing happens devices can connect to it no issue 


I have the IDS settings set up on the IAP config via airwave as well i have tri Tarpit invlaid and all 


but still nothing i'm not sure if i'm missing a step or if this a controller only thing 

as a side note i have IAP in my house (no airwave) and I cannot get them to block ether. 


we have a pen test coming and i would really like this to work 

Frequent Contributor II

Re: Airwave + IAP rouge containment

Hello Andrew,


We will work with you on this by creating a case, basically TAC needs to test this out in-house or work with IAP engineers, to see if the containtment is happening correctly, from IAP's. i have your email, i will create a case to work with you.

-If you got what you need with my answer please give kudos and mark it as solution.
Occasional Contributor II

Re: Airwave + IAP rouge containment

Thank you plese let me know the results. 

Search Airheads
Showing results for 
Search instead for 
Did you mean: