Network Management

last person joined: yesterday 

Keep an informative eye on your network with IMC and AirWave network management solutions.
Expand all | Collapse all

MAC Address (LAN computer) tracking

This thread has been viewed 32 times
  • 1.  MAC Address (LAN computer) tracking

    Posted Apr 28, 2021 03:56 PM
    I apologize up front if this post is out of bounds for this discussion board. I wasn't sure where to post it.
    I'm trying to come up with a solution for keeping an accurate database of where each computer was last plugged in at on the network.  i.e. Switch Name and Switch Port. We have a mix of 5400R / 2920s switches and old Procurve 4200 series. We currently have Airwave and IMC. I have tried to use Airwave APIs but they do not support Neighbors (i.e. MAC address tables)  they only support clients (Wi-Fi or dynamic segmentation). IMC does have the History Access Log which I can manually export (which I might end up going that route). I have looked up using LLDP from each windows computer to try to get the switch port info (LDwin is a good tool), but I could not find a scriptable solution for using LLDP from each computer. The whole reason behind this is that we have many buildings on our campus and it would be nice for our desktop team to be able to know which computers are in which building (especially for bandwidth considerations during update pushes)

    Any suggestions or ideas would be greatly appreciated.  perhaps there is software available that I'm unaware of or a scriptable solution. I'm familiar with multiple programming languages.

    Thank You

    ------------------------------
    Jeremy Bell
    ------------------------------


  • 2.  RE: MAC Address (LAN computer) tracking

    Posted Apr 29, 2021 11:00 AM
    Any chance you have ClearPass authenticating your wired ports?  If so, you should be able to get that info in the Insight Reporting section.

    ------------------------------
    Chuck Jenson
    ------------------------------



  • 3.  RE: MAC Address (LAN computer) tracking

    Posted Apr 29, 2021 03:30 PM
    Chuck,

    unfortunately we don't have ClearPass Auth on every switch, due to having a lot of older switches that do not support it. But ultimately in the future, that will be the route we take. Another user "Michael LO" suggested to use the DHCP snooping feature on the switches. I Think I'm going to try that out.

    ------------------------------
    Jeremy Bell
    ------------------------------



  • 4.  RE: MAC Address (LAN computer) tracking

    Posted Apr 29, 2021 01:57 PM
    Dear Jeremy,

         In our campus network environment , your requirements can be achieved by MAC address authentication, DHCP snooping database or 3rd party tool.

    1) MAC Address Authentication: date, time, switch name and port name can collected from RADIUS log or RADIUS accounting log.
    2) DHCP snooping database:
            i) enable DHCP snooping in  your access switches
           ii) Add "dhcp-snooping database file "tftp://<Your TFTP server IP>/<switch name.dat>" into  your access switches

           IP addresses, MAC, name port Index number can be collected from TFTP server.

    3) 3rd party tool:  We are using OpUtil of ManageEngine to monitoring the switch utilization.  https://www.manageengine.com/products/oputils/

    Michael LO

    ------------------------------
    Michael Lo
    ------------------------------



  • 5.  RE: MAC Address (LAN computer) tracking

    Posted Apr 29, 2021 03:36 PM
    Thank You,

    I'll discuss with my team about using DHCP snooping. and I'll check out the OpUtil software to see if that's the right fit for us.  I appreciate the info.

    ------------------------------
    Jeremy Bell
    ------------------------------



  • 6.  RE: MAC Address (LAN computer) tracking

    Posted Apr 29, 2021 09:30 PM
    Please refer to configuration example below.

    dhcp-snooping
    dhcp-snooping authorized-server 1.2.3.4
    dhcp-snooping database file "tftp://1.2.3.5/hpsw123.dat"
    dhcp-snooping vlan 2 4 6 8 10
    interface <uplink port>
           dhcp-snooping trust
           exit

    Type "show dhcp-snooping binding" to check the DHCP snooping binding table.  Around 5 minutes later, you may find a text file "hpsw123.dat" uploaded to your TFTP server.

    Please notice that this feature was not originally designed for visibility.  Data update is not real-time.

    ------------------------------
    Michael Lo
    ------------------------------