Showing results for 
Search instead for 
Did you mean: 

Rogue APs detection / exceptions

New Contributor III

Hi to all... on the same area i have two differnet networks one with vSZ and some ruckus APs and another network with Unifi Controller and APs... i can see that ruckus detect many of the unifis as Rogue and probably blocks them.. (i cannot fully understand what 'block' means)... i found the WIPS rules but can i add some exceptions so any of the unifi's are not detected as rogues? 



RUCKUS Team Member

Hello @gsfakian 

  • SZ will send malicious list (that include Ruckus and 3rd party AP) to Ruckus AP terminating on the controller in every 15 minutes.
  • The malicious list pushed from SZ consists of BSSIDs only and AP will send broadcast deauthentication frame, when "Protect the network" function is enabled, during the background scan.

Please refer the below Knowledge base article to configure the Rogue Detection policy.

You can configure the rogue classification policy as "Known" for the Unify APs. 

RUCKUS Team Member

Hi @gsfakian 

When the WIPS is enabled, Ruckus APs will try to scan and detect the Rogue APs, which are basically 3rd party APs which is broadcasting nearby.

Based on the settings configured, Ruckus APs are capable of "Just to detect and notify" or "Detect and block it".
Ruckus APs will send a deauth packets using the 3rd party APs BSSID, so that your network clients or any clients able to receive this packet from Ruckus AP will not be able to connect to the SSID which is broadcasting from the Unifi AP.

On the Zone settings, if you have "Rogue AP Detection" and "Protect the network from malicious rogue access points" enabled, then the AP will send deauth blocking the clients to connect to Unifi AP.

In that case, go to Rogue Device list >> Select the Unifi APs >> Select "Mark as known".


Or you can simple disable the option "Protect the network from malicious rogue access points" on the zone settings.