Enable Rogue Access Point Detection

To configure rogue access point detection on your XTM wireless device, you need to know the configuration of the other wireless access points on your network; this enables you to identify them as trusted in your configuration. You can then set up a schedule for rogue access point detection scans.

Configure Rogue Access Point Detection

  1. Select Network > Wireless.
    The Wireless page appears.

  1. Select the Enable rogue access point detection check box.
  2. Adjacent to the Enable rogue access point detection check box, click Configure.
    The Trusted Access Point Configuration page appears.

Screen shot of the Wireless Trusted Access Point configuration page

On the Access Points tab you can add information about all other trusted wireless access points on your network so the rogue access point scan does not identify them as potential rogue access points.

Add a Trusted Access Point

  1. To add a trusted access point to the list, click Add.
    The Trusted access point dialog box appears.

In the Trusted access point dialog box, provide as much information as you can to identify your trusted access point. The more information you provide, the more likely it is that a rogue access point detection scan can correctly identify a trusted access point.

  1. In the Network name (SSID) text box, type the SSID of the trusted access point.
  2. In the MAC address (Optional) text box, type the wireless MAC address of the trusted access point.
    If your trusted access point is an XTM wireless device, see Find the Wireless MAC Address of a Trusted Access Point.
  3. From the Channel drop-down list, select the channel used by the trusted access point. If the trusted access point is a WatchGuard device and the Channel in the radio settings of that trusted wireless device is set to Auto, select Any.
  4. From the Encryption drop-down list, select the encryption method used by the trusted access point.
    The WPA or WPA2 authentication and encryption settings that apply to the encryption method you select are enabled.
  5. If you select WPA or WPA/WPA2 as the encryption method, configure the WPA settings to match the configuration of your trusted access point.
    Or, if you do not know these settings, select the Match any authentication and encryption algorithms check box.
  6. If you selected WPA2 or WPA/WPA2 as the encryption method, configure the WPA settings to match the configuration of your trusted access point.
    Or, if you do not know these settings, select the Match any authentication and encryption algorithms check box.
  7. Click OK.
    The trusted access point is added to the list of trusted access points.

For information about how to add an XTM wireless device as a trusted access point, see Add an XTM Wireless Device as a Trusted Access Point.

Edit or Remove a Trusted Access Point

To edit a trusted access point:

  1. Select the access point in the list.
  2. Click Edit.
  3. Edit the information used to identify the trusted access point as described in the previous section.

To remove a trusted access point, select the access point in the list and click Remove.

Configure Logging and Notification

You must enable logging to see information about rogue access point scans in a report. When you enable logging, the log records the start and stop time, and the results of each scan. To enable logging, select the Enable logging for reports check box.

You can also configure the device to notify you when a rogue access point is detected. To configure notification:

  1. Click the Notification tab.
  2. Select a notification method: SNMP trap, email message, or pop-up window.

For more information about notification settings, see Set Logging and Notification Preferences.

Set the Scan Frequency

If you enable rogue access point detection on an XTM wireless device that is also configured as a wireless access point, the device alternates between the two functions. When a rogue access point scan is not in progress, the device operates as wireless access point. When a rogue access point scan begins, the XTM device access point functionality is temporarily disabled, and wireless clients cannot connect to the XTM wireless device until the scan completes. You cannot set the scan frequency to Always scan if your device is also configured as a wireless access point.

If your XTM wireless device is configured to operate as a wireless client, the rogue access point scan does not interrupt the wireless connection, but it does decrease the throughput of the wireless connection while the scan is in progress.

To set the scan frequency:

  1. In the Trusted Access Point Configuration dialog box, select the Schedules tab.

  1. Select the scan frequency.
  2. If you selected Schedule a scan, select how often the scan should run (daily, weekly, or monthly) and select the time of day to start the scan.
  3. Click Return to Main Page.
  4. Click Save.

If you have added information about some trusted access points but still need to collect information about other trusted access points, you might not be ready to enable the rogue access point scan. To disable rogue access point detection scans, in the Wireless Configuration page, clear the Enable rogue access point detection check box. When you disable rogue access point detection, your trusted access point information is saved, but the device does not scan for rogue access points.

See Also

Rogue Access Point Detection

Give Us Feedback  •   Get Support  •   All Product Documentation  •   Knowledge Base