Rogue APs
You can use Rogue AP detection to scan for and identify unauthorized wireless access points in the area. Detected APs are displayed in the View Rogue APs table where you can view details about the AP, including the SSID and network status. Rogue APs connected to your wired network can be identified using the On-Wire column in the table.
For more information about Rogue AP detection, see the FortiAP/FortiWiFi Configuration Guide.
To view Rogue APs:
- Go to AP Manager .
- In the tree menu, go to Device & Groups.
- In the toolbar, click More > View Rogue APs. The rogue AP list is displayed.
The following options are available:
Mark As
Mark a rogue AP as:
- Accepted: for APs that are an authorized part of your network or are neighboring APs that are not a security threat.
- Rogue: for unauthorized APs that On-wire status indicates are attached to your wired networks.
- Unclassified: the initial status of a discovered AP. You can change an AP back to unclassified if you have mistakenly marked it as Rogue or Accepted.
Suppress AP
Suppress the selected APs. This will prevent users from connecting to the AP. When suppression is activated against an AP, the controller sends deauthentication messages to the rogue AP’s clients posing as the rogue AP, and also sends deauthentication messages to the rogue AP posing as its clients.
Before enabling this feature, verify that operation of Rogue Suppression is compliant with the applicable laws and regulations of your region.
Unsuppress AP
Turn of suppression for the selected rogue APs.
Refresh
Refresh the rogue AP list.
Column Settings
Click to select which columns to display or select Reset to Default to display the default columns.
The following columns are available:
State
The state of the AP:
- Suppressed: red suppressed icon
- Rogue: orange rogue icon
- Accepted: green wireless signal mark
- Unclassified: gray question mark
Status
Whether the AP is active (green) or inactive (orange).
SSID
The wireless service set identifier (SSID) or network name for the wireless interface.
Security Type
The type of security currently being used.
Channel
The wireless radio channel that the access point uses.
MAC Address
The MAC address of the wireless interface.
Vendor Info
The name of the vendor.
Signal Strength
The relative signal strength of the AP.
Detected By
The name or serial number of the AP unit that detected the signal.
On-Wire
A green up-arrow indicates a suspected rogue, based on the on-wire detection technique. An orange down-arrow indicates AP is not a suspected rogue.
First Seen
How long ago this AP was first detected. This column is not visible by default.
Last Seen
How long ago this AP was last detected. This column is not visible by default.
Rate
The data rate in, bps. This column is not visible by default.