Operation Manual
RF Detection Commands
RF Detection Commands
20 – 465
set rfdetect active-scan
Deprecated in MSS Version 4.0. You now can disable or reenable active scan in individual radio
profiles. See set radio-profile active-scan on page 12-260.
set rfdetect rogue-list
Adds an entry to the rogue list. The rogue list specifies the MAC addresses of devices that MSS
should issue countermeasures against whenever the devices are detected on the network. The
rogue list can contain the MAC addresses of APs and clients.
Syntax
set rfdetect rogue-list mac-addr
Defaults
The rogue list is empty by default.
Access
Enabled.
History
Introduced in MSS Version 4.0.
Usage
The rogue list applies only to the MX with the configured list. MX switches do not share
rogue lists.
When on-demand countermeasures are enabled (with the set radio-profile countermeasures
configured command) only those devices configured in the rogue list are subject to
countermeasures. In this case, devices found to be rogues by other means, such as policy violations
or by determining that the device is providing connectivity to the wired network, are not attacked.
Examples
The following command adds MAC address aa:bb:cc:44:55:66 to the attack list:
MX# set rfdetect rogue-list 11:22:33:44:55:66
success: MAC 11:22:33:44:55:66 is now in roguelist.
See Also
● clear rfdetect rogue-list on page 20-462
● show rfdetect rogue-list on page 20-471
● set radio-profile countermeasures on page 12-268
set rfdetect black-list
Adds an entry to the client blacklist. The client blacklist specifies clients that are not allowed on
the network. MSS drops all packets from the clients on the blacklist. The black-list is shared
across a Mobility Domain.
Syntax
set rfdetect black-list mac-addr
Defaults
The client black list is empty by default.
Access
Enabled.
mac-addr MAC address you want to add as a rogue.
MSS Version 4.0 Command introduced.
MSS Version 6.2 Command changed from attack-list to rogue-list.
mac-addr MAC address you want to place on the black list.