About Allowed List Workflow
The Cisco DNA Center Rogue Management and aWIPS workflow allows you to review and mark the MAC address of rogue access points, that you want to move to the allowed list in bulk, and process the bulk allowed list of selected AP MAC addresses.
Rogue Management and aWIPS workflow supports APs that are associated with Cisco AireOS Controllers and Cisco Catalyst 9800 Series Wireless Controllers.
You can move the following rogue AP types to the allowed list using the information provided in Set Up the Allowed List Workflow:
-
Rogue on Wire
-
Honeypot
-
Interferer
-
Neighbor
You cannot move the following rogue AP types to the allowed list:
-
Beacon Wrong Channel
-
Beacon DS Attack
-
AP Impersonation
-
Friendly
Set Up the Allowed List Workflow
This procedure shows how to move rogue AP MAC addresses to the allowed list in bulk. These addresses are the ones that you do not want to report as high threat in Cisco DNA Center.
Before you begin
To perform the following task, you must have SUPER-ADMIN-ROLE or NETWORK-ADMIN-ROLE permissions.
Procedure
Step 1 |
From the top-left corner, click the menu icon and choose . The Set up Rogue Management and aWIPS window is displayed. |
||
Step 2 |
Click Let's Do it. To skip this step in the future, check the Don't show this to me again check box. The Bulk upload allowed access points window is displayed. |
||
Step 3 |
Using the Search field, search for the MAC addresses that were already added in the About Allowed List Workflow. |
||
Step 4 |
Click Export to export the allowed list. |
||
Step 5 |
Click the Download the sample CSV template from here link to download the sample CSV template file and manually add the MAC address, operation, and category to create the bulk allowed list template. . Hover your cursor over the notification symbol to view the format of allowed MAC addresses, operations, and categories. |
||
Step 6 |
You can either drag and drop the CSV file into the boxed area or click Choose a file and browse to the CSV file on your system. The maximum size of the CSV file should be 1.2 MB.
|
||
Step 7 |
Click Next. |
||
Step 8 |
In the Summary window, the Uploaded bulk allowed list MAC addresses table displays the list of allowed MAC addresses in bulk, and the respective operation and action:
|
||
Step 9 |
Click Continue to allowed list, and, in the dialog box that is displayed, click Yes. The Done! Allowed List Updated window appears. |
||
Step 10 |
Click Go to Rogue and aWIPS Home Page. The Rogue and aWIPS dashboard is displayed. Click the Threats tab, that displays Threat table, Cisco DNA Center now categorizes the specified rogue AP MAC addresses as Allowed List under the Type column. |
||
Step 11 |
To add or delete a rogue AP MAC address individually, click the rogue MAC address listed under the Threat MAC address column. The Threat 360 window is displayed. |
||
Step 12 |
From the Action drop-down list, choose Add to Allowed list. To remove a rogue AP MAC address from the allowed list individually, from the Action drop-down list, choose Remove from Allowed list. |