This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
RUCKUS Self Help |   ASK the Pack
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

SZ - WIPS - Rogue on LAN?

Greg_WiGuy
Contributor II

‎11-27-2020 08:53 AM

Hello,

On Page 205 of the vSZ 5.2 Administrator guide it lists the available Rogue classification rules but does not get into much detail on how they work.

I'm looking for a standard Rogue on Wire detection mechanism that most enterprise vendors implement by scanning on and off channel for BSSIDs then doing a +3-3(or wider range) comparison to the MAC table present on the APs wired interface.  I'd also like to have the AP check other VLANS that are trunked up to the AP from the switch which are not necessarily used for WiFi or Management traffic.

I'm only guessing but maybe "Same Network" is the classification I'm describing - I just can't seem to find more info on this.

0 Kudos
3 REPLIES 3

syamantakomer
Community Admin
Community Admin

‎12-02-2020 07:15 AM

Hi there,

Refer below KBA for more info.

https://support.ruckuswireless.com/articles/000010538 


Syamantak Omer
Sr.Staff TSE | CWNA | CCNA | RCWA | RASZA | RICXI
RUCKUS Networks, CommScope!
Follow me on LinkedIn
0 Kudos

Greg_WiGuy
Contributor II
In response to syamantakomer

‎12-02-2020 07:40 AM

Thank you Syamantak,

This is great info.  It would be beneficial to include this in the administrator guide for SZ.

Unfortunately the KBA does not offer detail on how "same network" detection works and only has the mention below.

  • Same Network:
    • Again, when this rule type is selected, you only need to provide a "classification" field to define how to handle this type of rogue

I'd like to know if the AP can detect Rogue APs on ALL VLANs provided by the switch trunk interface connected to the AP?  Some of these VLANS or are not intended for use with WiFi but we need to monitor them for rogue APs.

wiseguyz23
New Contributor
In response to Greg_WiGuy

‎10-22-2024 10:19 AM

Thanks, Greg. I know this is an old thread... but, I'm having the same issue. When I enable Rogue Detection and set the rule to "same network", it only gives me notifications for ALL APs that our Ruckus APs can detect. It doesn't distinguish ON network devices with the similar Mac Addresses. 

0 Kudos
Copyright © 2024 Khoros, LLC