The same SSID on the same APs in the same vSZ zone is periodically declared malicious by different AP.

  • 1
  • Question
  • Updated 5 months ago
  • Acknowledged

Hey.


We use vSZ-E (3.5.1.0.296) with 80 access points.

6 zones are configured of which 2 without access points (used as a template).

In one of the zones there are only 6 access points.

But a strange thing happens in her ...

"An SSID-spoofing rogue AP [24: 79: 2A: 2B: 55: BC] with SSID [TavriaV_Intercom] is detected by [AP-R510_Ark_47 @ 24: 79: 2A: 2B: 55: B0] on channel [153]."

Those. the access point has declared its own BSSID malicious!

In the remaining zones, everything is OK.

I made a stable zone clone, corrected VLANs, moved these 6 points - I got the same problem.

When scanning WiFi, you can really see duplicate SSIDs, sometimes with different authentication settings (some key suddenly appears on an open network).

Google did not help, nor did a search in the knowledge base and forum.

I ask for help!

Desirable links to a knowledge base, documentation or solution.
Photo of Yuriy Babak

Yuriy Babak

  • 3 Posts
  • 0 Reply Likes

Posted 5 months ago

  • 1
Photo of Yuriy Babak

Yuriy Babak

  • 3 Posts
  • 0 Reply Likes


Some picture about this trouble.
Photo of Michael Brado

Michael Brado, Official Rep

  • 3289 Posts
  • 521 Reply Likes
Photo of Jeronimo

Jeronimo

  • 380 Posts
  • 48 Reply Likes
There may be WIPS around using the TARPIT method.