Same SSID under vSZ(3.2.1.0.193) is being shown Rogue by Some APs in the Same Zone
08-21-2016 02:19 AM
We have a deployment of 80 APs at a site and everything is fine, except some of the APs in the same Zone are marking each other Rogue and are showing ssid-spoof/same network spoof. Should we be worried? Also, is there any misconfiguration in the AP-Zone?
2 REPLIES
08-23-2016 02:57 PM
Does it show the rogue MAC address with all zeros?
That's a symptom of bug SCG-52789: False reporting of Malicious AP (SSID-Spoof).
If similar, please open a ticket with tech support.
Ask if your issue could also be SCG-46716: AP misjudged neighbor AP as SSID-Spoofing after AP boot complete.
or
ER-3066: Ruckus AP detecting other Ruckus AP as rogue (reported on SZ 3.1.1.0.450).
08-25-2016 02:30 AM
It is also worth noting that rogue reporting works on 2 timers:
1. "Rogue-AP-Record" timer - when a managed AP detects a rogue, it will send a rogue-ap-record to SCG. The lifetime of this record is 1 hour.
2. "Rogue-AP-Entry" timer - if the rogue AP is not detected by any managed APs within the 24 hour period, the rogue AP entry will be removed from SCG.
You could argue that the above mechanisms ensure that the system should be fairly resilient to the issue should it occur, and the issue of false rogue reporting only occurs with SCG-controlled APs which have been restored to network, perhaps with an old configuration present, for example.
Note: WIP/WID are going to be overhauled and the way in which Ruckus reports and deals with rogue devices is going to be a lot better moving forward.
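A triage sketch for the situation discussed in this thread, added here as an example and not taken from the posts or from Ruckus: it separates rogue reports that look like the false positives described above (an all-zero rogue MAC, or a rogue MAC that is one of your own managed APs) from those worth investigating, and applies the 24-hour entry ageing. The report fields, the managed BSSID list and every sample value are constructed assumptions; a real controller export will be shaped differently.

```python
from datetime import datetime, timedelta

ENTRY_LIFETIME = timedelta(hours=24)  # "Rogue-AP-Entry" removal window quoted in the thread
ZERO_MAC = "00:00:00:00:00:00"        # all-zero rogue MAC, the symptom asked about above

def norm(mac):
    """Normalise a MAC/BSSID to lower-case, colon-separated form."""
    digits = "".join(c for c in mac.lower() if c in "0123456789abcdef")
    if len(digits) != 12:
        raise ValueError(f"not a MAC address: {mac!r}")
    return ":".join(digits[i:i + 2] for i in range(0, 12, 2))

def triage(reports, managed_bssids, now):
    """Return {rogue_mac: verdict}, judged on the latest sighting of each MAC."""
    managed = {norm(m) for m in managed_bssids}
    latest = {}
    for r in reports:
        mac = norm(r["rogue_mac"])
        if mac not in latest or r["seen"] > latest[mac]:
            latest[mac] = r["seen"]
    verdicts = {}
    for mac, seen in latest.items():
        if now - seen > ENTRY_LIFETIME:
            verdicts[mac] = "aged out"  # not seen for 24 h, entry would be removed
        elif mac == ZERO_MAC:
            verdicts[mac] = "likely false positive (all-zero MAC)"
        elif mac in managed:
            verdicts[mac] = "likely false positive (managed AP)"
        else:
            verdicts[mac] = "investigate"
    return verdicts

# Constructed sample data, not real controller output.
NOW = datetime(2016, 8, 25, 12, 0)
MANAGED = ["02-00-00-00-00-10", "02:00:00:00:00:20"]  # hypothetical inventory of own BSSIDs
REPORTS = [
    {"rogue_mac": "00:00:00:00:00:00", "seen": NOW - timedelta(minutes=30)},
    {"rogue_mac": "02:00:00:00:00:10", "seen": NOW - timedelta(hours=2)},
    {"rogue_mac": "02:00:00:00:00:99", "seen": NOW - timedelta(hours=26)},
    {"rogue_mac": "02:00:00:00:00:99", "seen": NOW - timedelta(hours=3)},
    {"rogue_mac": "02:00:00:00:00:77", "seen": NOW - timedelta(hours=30)},
]

if __name__ == "__main__":
    for mac, verdict in sorted(triage(REPORTS, MANAGED, NOW).items()):
        print(mac, "->", verdict)
```

Entries that come out as likely false positives are the ones to raise with support against the bug IDs named in the reply above; only the "investigate" rows point at a BSSID you do not own.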

