Will be as clear and accurate as I can.
Is it possible to create a 'pseudo AP' using the following information
Wireless Radio Name
Wireless MAC Address
I am asking as today somone created a 'pseudo AP' to mimic one of our AP's with the information listed above.
Basically this is what happened,
Our clients authenticate using MAC authentication, i.e we add their MACs into the 'Access List' of the AP
This morning, out of the blue, non of the clients could connect, the error log was
'authentication no valid (2)'
So I set about troubleshooting, first thing I did was turn on WPA2 authentication for the AP and all the connecting Stations
The clients could then connect, for a little while, then the message in the logs changed to
'management protection failure'
So I hit the wiki to read up about what this meant, then came to understand that somebody was doing something they shouldnt be doing!
Essentially, this is what I found out,
Somebody set up an AP that was using my radio name, mac address and channel of my AP !
Simply by changing the channel or mac address I was able to circumvent there underhanded actions.
I have my SSID hidden, but they can easily scan the airwaves and see the new MAC address I am using.
This is only effecting nstream and 802.11, NV2 is uneffected but we cant use it as performance is terrible
How can we circumvent this ???