Client association question - Rogue AP

Solved
TheRoyalWe95
Conversationalist

Client association question - Rogue AP

Lets say a customer has legacy light-weight APs powered up near newly installed Meraki APs. The legacy (essentially rogue) APs are not associated to a controller. In theory could they still have old config retained and be broadcasting an SSID and a client could try to connect to them, causing performance issues?  

1 Accepted Solution
alemabrahao
Kind of a big deal
Kind of a big deal

This is very subjective, if we are going to talk in terms of RF, the ideal would be to disable it so as not to be "polluting" the air. But that doesn't mean it will necessarily cause any problems.

 

https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3850/software/release/3se/security/config...

 

https://meraki.cisco.com/blog/2017/09/rogue-access-point/

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.

View solution in original post

4 Replies 4
alemabrahao
Kind of a big deal
Kind of a big deal

Yes, but you have to use a different ssid name. You also can classified It as a friendly Access point.

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
TheRoyalWe95
Conversationalist

Yeah I'm just wondering if that legacy AP is going to be causing issues for the clients.  It may not even be connected to a switch, but it could be powered on.. And broadcasting an SSID causing problems... Am I correct in that assumption? 

alemabrahao
Kind of a big deal
Kind of a big deal

This is very subjective, if we are going to talk in terms of RF, the ideal would be to disable it so as not to be "polluting" the air. But that doesn't mean it will necessarily cause any problems.

 

https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3850/software/release/3se/security/config...

 

https://meraki.cisco.com/blog/2017/09/rogue-access-point/

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
Brash
Kind of a big deal
Kind of a big deal

Depends on the brand but In theory yes.

Easiest way to check is see if it's still broadcasting. You can use simple free tools to pick up the broadcast MAC of an ssid. You can then use that to correlate to the source AP. I often use an Android app called wifi analyser.

 

Other than that, you should also be able to see the AP as a rogue AP in the dashboard under air marshal.

Get notified when there are additional replies to this discussion.