Cisco official advisory categorizes SkyJacking as "Unlikely Use".
It says that Cisco LAPs configured with preferred controller list or configured with locally significant certificates (LSCs) are immune to skyjacking attack.
I have seen some installations use plug-n-play mode. I am curious if majority of installations actually go the extra mile in following the recommended best practices?
We use primary and secondary controllers, but that still doesn't stop the RRM packets from containing the MAC and IP address of the controller (even if OTAP and RRM are disabled on the controller).
Thanks Robert - you mean, even if OTAP is turned off at the connected WLC controller, LAPs continue to send OTAP packets over the air?