Specifications

Configuring Rogue Detection Lists

22-10 Rogue Detection and Countermeasures

Configuring an Ignore List

Bydefault,whencountermeasuresareenabled,MSSconsidersanynon‐Enterasystransmitterto

bearoguedeviceandcansendcountermeasurestopreventclientsfromusingthatdevice.To

preventMSSfromsendingcountermeasuresagainstafriendlydevice,addthedevicetothe

knowndeviceslist.

Ifyouaddadevice

thatMSShasclassifiedasaroguetothepermittedvendorlistorpermitted

SSIDlist,butnottotheignorelist,MSScanstillclassifythedeviceasarogue.Adding anentryto

thepermittedvendorlistorpermittedSS IDlistmerelyindicatesthatthedeviceisfroman

allowed

manufacturerorisusinganallowedSSID.However,tocauseMSStostop classifyingthedeviceas

arogue,youmustaddthedevice’sMACaddresstotheignorelist.

Toaddadevicetotheignorelist,usethefollowingcommand:

set rfdetect ignore mac-addr

Themac‐addristheBSSIDofthedeviceyouwanttoignore.

Examples

ToignoreBSSIDaa:bb:cc:11:22:33duringallRFscans,typethefollowingcommand:

RBT-8100#set rfdetect ignore aa:bb:cc:11:22:33

success: MAC aa:bb:cc:11:22:33 is now ignored.

ToremoveaBSSIDfromtheignore list,usethefollowingcommand:

clear rfdetect ignore mac-addr

Todisplaytheignorelist,usethefollowingcommand:

show rfdetect ignore

ThefollowingcommanddisplaysanignorelistcontainingtwoBSSIDs:

RBT-8100# show rfdetect ignore

Total number of entries: 2

Ignore MAC

-----------------

aa:bb:cc:11:22:33

aa:bb:cc:44:55:66

Note: If you try to initiate countermeasures against a device on the ignore list, the ignore list takes

precedence and MSS does not issue the countermeasures. Countermeasures apply only to rogue

devices.