User guide
Table Of Contents
- Introduction
- Installation and Initialization
- System Status
- Advanced Configuration
- System
- Network
- Interfaces
- Management
- Filtering
- Alarms
- Bridge
- QoS
- Radius Profiles
- SSID/VLAN/Security
- Monitoring
- Commands
- Troubleshooting
- Command Line Interface (CLI)
- General Notes
- Command Line Interface (CLI) Variations
- CLI Command Types
- Using Tables and Strings
- Configuring the AP using CLI commands
- Set Basic Configuration Parameters using CLI Commands
- Set System Name, Location and Contact Information
- Set Static IP Address for the AP
- Change Passwords
- Set Network Names for the Wireless Interface
- Enable 802.11d Support and Set the Country Code
- Enable and Configure TX Power Control for the Wireless Interface
- Configure SSIDs (Network Names), VLANs, and Profiles
- Download an AP Configuration File from your TFTP Server
- Backup your AP Configuration File
- Set up Auto Configuration
- Other Network Settings
- Configure the AP as a DHCP Server
- Configure the DNS Client
- Configure DHCP Relay
- Configure DHCP Relay Servers
- Maintain Client Connections using Link Integrity
- Change Wireless Interface Settings
- Set Ethernet Speed and Transmission Mode
- Set Interface Management Services
- Configure Syslog
- Configure Intra BSS
- Configure Wireless Distribution System
- Configure MAC Access Control
- Set RADIUS Parameters
- Set Rogue Scan Parameters
- Set Hardware Configuration Reset Parameters
- Set VLAN/SSID Parameters
- Set Security Profile Parameters
- CLI Monitoring Parameters
- Parameter Tables
- CLI Batch File
- ASCII Character Chart
- Specifications
- Technical Services and Support
- Statement of Warranty
Advanced Configuration AP-700 User Guide
Alarms
86
Rogue Scan
The Rogue Scan feature provides an additional security level for wireless LAN deployments. Rogue Scan uses the
selected wireless interface(s) for scanning its coverage area for Access Points and clients.
A centralized Network Manager receives MAC address information from the AP on all wireless clients detected by the AP.
The Network Manager then queries all wired switches to find out the inbound switch/port of these wireless clients. If the
switch/port does not have a valid Access Point connected to it as per a pre-configured database, the Network Manager
proceeds to block that switch/port and prevent the Rogue AP from connecting to the wired network.
Figure 4-34 Preventing Rogue AP Attacks
The figure above shows Client 1 connected to a Trusted AP and Client 2 connected to a Rogue AP. The Trusted AP
scans the networks, detects Client 2, and notifies the Network Manager. The Network Manager uses SNMP/CLI to query
the wired switch to find the inbound switch port of Client 2’s packets. The Network Manager verifies that this switch/router
CLI Configuration File Execution
Errors
4 Minor There is an error in execution of the CLI
configuration file. The message specifies the
filename, line number, and error reason.
SSH Initialization Failure 3 Major One of the following failures occurs:
Keys not present
Keys cannot be generated
Internal error (no available resources)
SSH Key Generation Successful 6 Informational SSH Key generation is successful.
Wireless Service Shutdown 6 Informational Wireless service is shutdown.
Wireless Service Resume 6 Informational Wireless service resumes.
MIC Attack Occurred 4 Minor MIC attack occurred; wireless interface is shut
down for 60 seconds
MIC Attack from Wireless Station 4 Minor A MIC attack is detected from a wireless station.
SNTP Time Retrieval Failure 4 Minor SNTP Client in the AP fails to retrieve time
information from the configured SNTP servers.
Also included in message: IP Address of SNTP
server.
SNTP Time Sync-Up Failure 4 Minor SNTP Client in the AP fails to synchronize the time
with the SNTP server it was communicating with.
Also included in message: IP Address of SNTP
server.
Syslog Message Name Priority Severity Description