About Allowed List Workflow
The Cisco DNA Center Rogue Management and aWIPS workflow allows you to review and mark the MAC Address of rogue access points, that you want to move to the allowed list in a bulk, and process bulk allowed list of selected Access Point MAC addresses.
Rogue Management and aWIPS workflow supports APs that are associated with Cisco AireOS Controllers and Cisco Catalyst 9800 Series Wireless Controllers.
You can move the following rogue AP types to the allowed list using this workflow:
-
Rogue on Wire
-
Honeypot
-
Interferer
-
Neighbor
You cannot move the following rogue AP types to the allowed list using this workflow:
-
Beacon DS Attack
-
AP Impersonation
-
Friendly
Set Up the Allowed List Workflow
This procedure shows how to move rogue AP MAC addresses to the allowed list in bulk. These addresses are ones that you do not want to report as high threat in Cisco DNA Center.
Before you begin
To perform the following task, you must have SUPER-ADMIN-ROLE or NETWORK-ADMIN-ROLE permissions.
Procedure
Step 1 |
In the Cisco DNA Center GUI, click the Menu icon () and choose . The Set up Rogue Management and aWIPS window appears. |
||
Step 2 |
Click Let's Do it. To skip this screen in the future, check the Don't show this to me again check box. The Bulk upload allowed access points window appears. |
||
Step 3 |
In the Search field, you can search for the MAC addresses that were already added in the previous workflow. Click Export to export the allowed list. |
||
Step 4 |
You can download the sample CSV template file and manually add the MAC address, operation, and category to create the bulk allowed list template. Click the Download the sample CSV template from here link. You can hover your cursor over the notification symbol to view the format of allowed MAC addresses, operations, and categories. |
||
Step 5 |
You can either drag and drop the CSV file into the boxed area or click Choose a file and browse to the CSV file on your system. The maximum size of the CSV file is 1.2 MB.
|
||
Step 6 |
Click Next. |
||
Step 7 |
In the Summary window, the Uploaded bulk allowed list MAC addresses table displays the list of allowed MAC addresses in bulk, and the respective operation and action.
|
||
Step 8 |
Click Continue to allowed list, and in the warning pop-up window, click Yes. The Done! Allowed List Updated window appears. |
||
Step 9 |
Click the Go to Rogue and aWIPS Home Page link. The Rogue and aWIPS dashboard appears. In the Threat table, Cisco DNA Center now categorizes the specified rogue AP MAC addresses as Allowed List under the Type column. |
||
Step 10 |
To add or delete a rogue AP MAC address individually, click the rogue MAC address listed under the Threat MAC address column. The Threat 360 window appears. |
||
Step 11 |
Click the Action drop-down list and choose Add to Allowed list. To remove the rogue AP MAC address from the allowed list individually, in the Action drop-down list, choose Remove from Allowed list. |