Rogue AP detected - best strategy to find it
Hi
We have been trying to find some Rogue SSID/AP's that are on our network as detected by Air Marshal, but I am trying to understand a few things.
According to the alert, it says Rogue because - Recently seen on LAN
And it has been seen on our LAN, by the WAPS that are our corporate AP's.
If it is seen on our LAN, why can't it tell me what switch/port it is connected to so I can find it, or what are the other strategies that I can use to detect where this access port is, assuming it is physically connected on our network?