Rogue Access Point (AP) Detection on the WAP121 and WAP321 Access Points

Available Languages

Download Options

PDF (784.8 KB)
View with Adobe Reader on a variety of devices
ePub (824.7 KB)
View in various apps on iPhone, iPad, Android, Sony Reader, or Windows Phone
Mobi (Kindle) (270.0 KB)
View on Kindle device or Kindle app on multiple devices

Updated:December 11, 2018

Document ID:SMB2128

Bias-Free Language

The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.

Rogue Access Point (AP) Detection on the WAP121 and WAP321 Access Points

Objective

A rogue Access Point (AP) is an access point that has been installed on a network without explicit authorization from a system administrator. Rogue access points pose a security threat because anyone with access to the area can knowingly or unknowingly install a wireless access point that can allow unauthorized parties access to the network. The Rogue AP Detection page displays information about these access points. You can add any authorized access points to the Trusted AP List. This article explains how to detect a rogue Access Point (AP) on the WAP121 and WAP321 Access Points

Applicable Devices

• WAP121
• WAP321

Software Version

• 1.0.3.4

Rogue AP Detection Configuration

Step 1. Log in to the Access Point Configuration Utility and choose Wireless > Rogue AP Detection. The Rogue AP Detection page opens:

Step 2. Check Enable to enable AP Detection.

Step 3. Click Save after you enable AP detection to show the list of detected rogue access points. A warning screen will appear.

Step 4. Click OK to proceed. The Detected Rogue AP list displayed as below.

The following information for the detected access points is displayed:

• MAC Address — The MAC address of the detected AP.

• Beacon Interval (milliseconds) — The beacon interval that is used by the detected AP. Beacon frames are transmitted by an AP at regular intervals to announce the existence of the wireless network. The default time to send a beacon frame is once every 100 milliseconds.

• Type — The type of the detected device. Can be AP or Ad hoc.

• SSID — The SSID of the detected AP.

• Privacy — Indicates whether there is any security on the neighboring AP.

• WPA — Indicates whether WPA security is off or on for the detected AP.

• Band — Indicates the IEEE 802.11 mode that is used on the detected AP. This can be either 2.4 or 5.

• Channel — The channel that the detected AP currently broadcasts on.

• Rate — The rate at which the detected AP currently broadcasts.

• Signal — The strength of the radio signal that emits from the detected AP.

• Beacons — The total number of beacons received from the AP since it was first detected.

• Last Beacon — The date and time of the last beacon received from the detected AP.

• Rates — The supported and basic rate sets for the detected AP (in megabits per second).

Step 5. Click Trust next to an entry to add it to the Trusted AP List table. You can get the trusted list by downloading and can save the current list to your PC, for download/backup go to Download/ Backup Trusted AP List.

Step 6. (Optional) If you want to remove the Trusted AP list then click Untrust.

Download/ Backup Trusted AP List

Step 1. Choose whether you want to download the current trusted AP list from PC or save the current list to PC from the Save Action.

• Download (PC to AP) — If you want to import the list from a file and replace the contents of the known AP list then go to Download (PC to AP).

• Backup (AP to PC) — If you want to save the current list to the PC then go to Backup (AP to PC).

Download (PC to AP)

Step 1. Click the Download (PC to AP) radio button to download the list from the PC.

Step 2. Click Browse to locate the file on the PC. The import file should be a plain-text file with a .txt or .cfg extension. Entries in the import file are MAC addresses in hexadecimal format with each octet separated by colons. Entries must be separated with a single space. File must contain only MAC addresses then AP accept the file.

Step 3. Choose to File Management Destination to replace or to add the content to the Trusted AP List.

• Replace — To import the list and replace the contents of the Trusted AP list

• Merge — To import and add the APs of the imported file to the Trusted AP list.

Note: Once the import is completed, the screen refreshes and the MAC addresses of the APs in the imported file appear in the Known AP List.

Step 4. Click Save to save all the changes made.

Backup (AP to PC)

Step 1. Click the Backup (AP to PC) radio button to save the list to your PC.

Step 2. Click Save to save the changes made, then a notification window appears as shown below which gives information of the file.

Revision History

Revision	Publish Date	Comments
1.0	11-Dec-2018	Initial Release

Was this Document Helpful?

Feedback

Contact Cisco

Open a Support Case
(Requires a Cisco Service Contract)