Rogue AP not being detected in-network

  • 1
  • Question
  • Updated 5 years ago
  • Answered
I'm testing rogue AP detection and I have an old AP from another vendor plugged into a switch right next to my AP121 and the AP121 doesn't see it as an in network rogue. Any ideal on what is going on? I do have a WIPS policy configured and only Aerohive MAC OUIs are to the right. No VLAN issues, because they are plugged into a dumb switch for testing purpose.
Photo of T_RTI

T_RTI

  • 4 Posts
  • 2 Reply Likes

Posted 5 years ago

  • 1
Photo of Mike Kouri

Mike Kouri, Official Rep

  • 1030 Posts
  • 271 Reply Likes
Do you have at least one active client using that AP? What radio channel is it using (by default it would select one that does not conflict with our AP if we were already operating when it booted up)? From the online help:

In-net—HiveManager displays only rogue APs that are in the same network as the APs that detected them. (Note that APs can only detect if a rogue AP is in the same subnet as itself if the rogue AP has at least one active client and is using the same radio channel as the AP. For more information, see "WIPS Policy Settings".)
Photo of T_RTI

T_RTI

  • 4 Posts
  • 2 Reply Likes
I will try it with a separate laptop connected to my fake SSID and let this setup sit for a few hours.

I would think that a detected SSID and wired network neighbor information would trigger the alarm though.

I'll update as soon as I get more testing done. Thanks for the quick reply!