CommScope RUCKUS Community Forums

yuriy_babak · ‎02-20-2020

Hey.

We use vSZ-E (3.5.1.0.296) with 80 access points.

6 zones are configured of which 2 without access points (used as a template).

In one of the zones there are only 6 access points.

But a strange thing happens in her ...

"An SSID-spoofing rogue AP [24: 79: 2A: 2B: 55: BC] with SSID [TavriaV_Intercom] is detected by [AP-R510_Ark_47 @ 24: 79: 2A: 2B: 55: B0] on channel [153]."

Those. the access point has declared its own BSSID malicious!

In the remaining zones, everything is OK.

I made a stable zone clone, corrected VLANs, moved these 6 points - I got the same problem.

When scanning WiFi, you can really see duplicate SSIDs, sometimes with different authentication settings (some key suddenly appears on an open network).

Google did not help, nor did a search in the knowledge base and forum.

I ask for help!

Desirable links to a knowledge base, documentation or solution.

yuriy_babak · ‎02-20-2020

Image_ images_messages_5f91c44c135b77e247a0ce2d_82e1abda2f384f4a91039edb5876693a_RackMultipart2020022035123do3s-944b7709-f109-449a-b302-85987d013069-1626998337.png1582237753

Some picture about this trouble.

michael_brado · ‎02-20-2020

I can't find any bugs that look like this, but we do have newer release of SZ 3.5.1.0.862 which may have fixed it...

https://support.ruckuswireless.com/documents/2017-smartzone-3-5-1-0-862-mr1-patch1-release-notes

https://support.ruckuswireless.com/software/1451-vsz-3-5-1-0-862-mr1-patch1-software-release-ximg-im...

hyosang_choi · ‎02-20-2020

There may be WIPS around using the TARPIT method.

CommScope RUCKUS Community Forums

The same SSID on the same APs in the same vSZ zone is periodically declared malicious by different AP.