Suppressing rogue APs
In addition to monitoring rogue APs, you can actively prevent your users from connecting to them. When suppression is activated against an AP, the FortiGate WiFi controller sends deauthentication messages to the rogue AP’s clients, posing as the rogue AP, and also sends deauthentication messages to the rogue AP, posing as its clients. This is done using the monitoring radio.
Before enabling this feature, verify that operation of Rogue Suppression is compliant with the applicable laws and regulations of your region.
To enable rogue AP suppression, you must enable monitoring of rogue APs with the on‑wire detection technique (see Configuring rogue scanning). The monitoring radio must be in the Dedicated Monitor mode.
To activate AP suppression against a rogue AP
- Go to Dashboard > WiFi > Rogue APs.
- In the table of rogue APs, select the AP you want to suppress and hover your mouse over the State column.
- Click the Edit icon and select Suppressed Rogue AP.
- Click Apply.
To deactivate AP suppression
- Go to Dashboard > WiFi > Rogue APs.
- In the table of rogue APs, select the AP you want to suppress and hover your mouse over the State column.
- Click the Edit icon and select another state.
- Click Apply.
You can change the state of multiple APs by selecting multiple rows.
To activate AP suppression against a rogue AP - CLI
config wireless-controller ap-status
    edit 1
        set bssid 90:6c:ac:da:a7:f1
        set ssid "example-SSID"
        set status suppressed
    next
end
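When several rogue APs have to be marked at once from the CLI, the entries can be generated rather than typed. The following is an added example, not Fortinet's code: it builds the same `config wireless-controller ap-status` block for a list of APs, refuses to suppress a BSSID on your own AP list, and rejects SSIDs that could break out of the quoted CLI argument. The function names, the own-AP list, and the choice of entry IDs are assumptions.

```python
import re

BSSID_RE = re.compile(r"[0-9a-f]{2}(:[0-9a-f]{2}){5}")

def normalize_bssid(raw):
    """Return a BSSID as lowercase colon-separated hex, or raise ValueError."""
    bssid = raw.strip().lower().replace("-", ":")
    if not BSSID_RE.fullmatch(bssid):
        raise ValueError(f"not a valid BSSID: {raw!r}")
    return bssid

def quote_ssid(ssid):
    """Quote an SSID for the CLI. The SSID is chosen by whoever runs the rogue
    AP, so reject anything that could end the quoted argument or start a new
    command line instead of trying to escape it."""
    if not ssid or len(ssid.encode()) > 32:
        raise ValueError("SSID must be 1 to 32 bytes")
    if any(c in '"\\' or not c.isprintable() for c in ssid):
        raise ValueError(f"SSID needs manual review: {ssid!r}")
    return f'"{ssid}"'

def build_suppress_config(rogues, own_bssids, first_id=1):
    """rogues: iterable of (bssid, ssid) pairs. Returns the CLI text."""
    own = {normalize_bssid(b) for b in own_bssids}
    lines = ["config wireless-controller ap-status"]
    seen = set()
    for raw, ssid in rogues:
        bssid = normalize_bssid(raw)
        if bssid in own:
            raise ValueError(f"{bssid} is one of our own APs; refusing to suppress")
        if bssid in seen:
            continue  # same AP listed twice
        seen.add(bssid)
        # Assumption: entry IDs from first_id upward are unused in ap-status.
        lines += [f"    edit {first_id + len(seen) - 1}",
                  f"        set bssid {bssid}",
                  f"        set ssid {quote_ssid(ssid)}",
                  "        set status suppressed", "    next"]
    lines.append("end")
    return "\n".join(lines)

if __name__ == "__main__":
    # Constructed sample input: the first pair is the page's example AP,
    # the other addresses are made up for illustration.
    rogues = [("90:6C:AC:DA:A7:F1", "example-SSID"),
              ("02:00:00:00:00:aa", "guest wifi")]
    print(build_suppress_config(rogues, own_bssids=["02:00:00:00:00:01"]))
```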