Security

last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

Anyone know DHCP fingerprint for GoogleGlass, so I can add to role condition (avoid captive portal)?

This thread has been viewed 0 times

  • 1.  Anyone know DHCP fingerprint for GoogleGlass, so I can add to role condition (avoid captive portal)?

    Posted Feb 13, 2014 04:24 PM

    Anyone know the DHCP fingerprint for the Google Glass devices , so I can add it to the role condition (and thus avoid the captive portal)?



  • 2.  RE: Anyone know DHCP fingerprint for GoogleGlass, so I can add to role condition (avoid captive portal)?

    Posted Feb 13, 2014 05:02 PM
      |   view attached

    if you have a GoogleGlass device to test, you can determine the fingerprint using the procedure in the attached TechNote.   Specifically the Identifying a DHCP Fingerprint section:  http://www.arubanetworks.com/vrd/AOSDHCPFPAppNote/Chap2.html#1035710

     

     

     

     

     

     

    Attachment(s)

    pdf
    AOS-DHCP-FingerPrint-AppNote.pdf   1.77 MB 1 version


  • 3.  RE: Anyone know DHCP fingerprint for GoogleGlass, so I can add to role condition (avoid captive portal)?

    EMPLOYEE
    Posted Feb 13, 2014 05:06 PM

    DHCP Option55                1,33,3,6,15,28,51,58,59
    DHCP Option60                dhcpcd-5.2.10:Linux-3.0.31-27935-g01ccedd:armv7l:OMAP4430

     

     

    Can't get the smiley to stop rendering but that should be 7 l : O M A P 

     (without the spaces)



  • 4.  RE: Anyone know DHCP fingerprint for GoogleGlass, so I can add to role condition (avoid captive portal)?

    Posted Feb 13, 2014 08:37 PM

    Should have known you'd have the specifics Tim!     Tim, do you know if this is unique to "Glass" and not any other Google products/devices?



  • 5.  RE: Anyone know DHCP fingerprint for GoogleGlass, so I can add to role condition (avoid captive portal)?

    EMPLOYEE
    Posted Feb 13, 2014 08:46 PM

    It seems to be. We have about 6 on the network and they all profile the same.

     

    The common OUI seems to be f8:8f:ca and they present a hostname similar to Android phones (android-<randomstring>)

     

    Here's how ClearPass and the controller profiles it. The host user agent fingerprint is via IF-MAP from the controller.

     

    google-glass-profile-ifmap-cp62.PNG

     

     

     

    google-glass-profile-cp62.png

     

     

     



  • 6.  RE: Anyone know DHCP fingerprint for GoogleGlass, so I can add to role condition (avoid captive portal)?

    Posted Feb 14, 2014 03:13 PM

    The DHCP fingerprint would be in Hex. For example, an Aple iOS device has a DHCP fingerprint of "370103060F77FC" (see example below):

     

    aaa derivation-rules user byod-rules
      set role condition dhcp-option equals "370103060F77FC" set-value BYOD-Devices_user-role description "Apple iOS"

    The Google Glass device would have its own (hex) DHCP fingerprint ...