Unified Wired & Wireless Access

Reply
Occasional Contributor I
johnw
Posts: 8
Registered: ‎10-07-2011

Re: DHCP Fingerprinting

Hi All, if the controller (in my case a 620) is capable of matching the device type to the options, it would be a great idea to allow us to create a rule based on those device types instead of the fingerprint values?

The idea being that various types of iPhones may end up with different fingerprints but still be iPhones .. and the controller could be given an update which would then have all the new fingerprints

thanks
Moderator
cjoseph
Posts: 12,643
Registered: ‎03-29-2007

Re: DHCP Fingerprinting

We do not have that today. For now, all iPhones have the same signature....
Colin Joseph
Aruba Customer Engineering
Aruba Employee
awl
Posts: 455
Registered: ‎04-02-2007

Re: DHCP Fingerprinting

As Colin mentioned, you manually set up the rules today. We're in the final stages of preparing an app note written by Rajiv from an earlier post that will walk you through some of the use cases and how to discover and configure the feature fully.

-awl
Andy Logan, ACDX
Director, Strategic Account Solutions
Aruba Networks
Moderator
pcurto
Posts: 16
Registered: ‎04-21-2009

Re: DHCP Fingerprinting

Just a quick note that Aruba has posted an application note on the public website for DHCP and device fingerprinting:

http://www.arubanetworks.com/pdf/technology/AOS-DHCP-FingerPrint-AppNote.pdf

Sr. Director Business Operations, Aruba Networks
MVP
koenv
Posts: 482
Registered: ‎03-25-2009

Re: DHCP Fingerprinting

and some bad news for those thinking to implement dhcp fingerprinting on a captive portal SSID:

 

BUG-ID: 51691, 56746
DHCP Fingerprinting & Captive Portal cannot be used together.

 

 And from what I was told the fix for this will only be in release 6.2.x.x which is apparantly several months out.:smileysad:

Koen (ACCP | ACMX #351)

-- Found something helpful, important, or cool? Click the Kudos Star in a post.
-- Problem Solved? Click "Accept as Solution" in a post.
Regular Contributor I
WorlisMan
Posts: 179
Registered: ‎08-29-2008

Re: DHCP Fingerprinting

DHCP Fingerprinting is working on my test 3200 using Captive Portal, I've been testing this for a week now and it works fine. The AOS version I'm using is 6.1.3.0.

 

Occasional Contributor II
stobbe_s
Posts: 15
Registered: ‎12-14-2010

Re: DHCP Fingerprinting

[ Edited ]

Can anyone else confirm for me that the Mac OS X Mountain Lion fingerprint has changed from what Lion was?

 

This is what I'm getting in the network log for an iMac running OS X 10.8.1:

370103060f775ffc2c2e

 

Previous versions of OS X was very similar, but with an extra "2f" on the end:

370103060f775ffc2c2e2f

 

I guess if I wanted to cover all OS X versions with a rule - I could use the "starts-with" option instead of "equals".

 

Updated:  It looks like the change was actually made with OSX 10.7.  I imaged the same Macbook and the fingerprint changed from 10.6 -> 10.7, but stays the same for 10.8.

 

Thanks.

Steve

MVP
Michael_Clarke
Posts: 966
Registered: ‎08-29-2007

Re: DHCP Fingerprinting

This looks interesting, https://github.com/inverse-inc/fingerbank/blob/master/dhcp_fingerprints.conf

 

The values are in decimal though.

 

:smileyhappy:

 

 


If my post is helpful please give kudos, or mark as solved if it answers your post.

ACCA, ACMP, ACMX #294
Securedata Europe Ltd
New Contributor
sn131678
Posts: 4
Registered: ‎01-27-2013

Re: DHCP Fingerprinting

Any word on whether we are able to fine-tune DHCP fingerprinting with signatures that can tell the difference between an iPhone, iPod, and AppleTV. 

 

I wonder - why is it that the controller(s) can see the Device Type differences between AppleTV, iPhone, iPod, iPad, etc... but our DHCP fingerprints cannot?

 

Thank you --

New Contributor
sn131678
Posts: 4
Registered: ‎01-27-2013

Re: DHCP Fingerprinting

I suppose theres an internal process that happens similar to ClearPass. Possibly by pairing MAC address ranges with DHCP Option fingerprints. I'm not sure, but that would be my guess. I would also assume that since this process is completely internal, and it seems to be similar to ClearPass - it is not something we can utilize with only controllers.

 

I'm not an Aruba expert - but thats my guess. 

Search Airheads
Showing results for 
Search instead for 
Do you mean