All,
I have a customer that has multiple RAP3s and is looking to only allow specific Cisco phones onto the PoE port. I'm trying to do this with DHCP Fingerprinting. Unfortunately, Clearpass is not in the cards at this moment. I'm trying to put this solution together with the fingerprints found at Fingerbank:
https://github.com/inverse-inc/fingerbank/blob/master/dhcp_fingerprints.conf
I'm looking to format these into something that would be ecognizable on the Instants. I found a great discussion on this topic:
http://community.arubanetworks.com/t5/Unified-Wired-Wireless-Access/DHCP-Fingerprinting/td-p/12471
The fingerprint format discussed in that post was in this format:
Win 7 (eng) 55/0x37 equals 37010f03062c2ef1f2179f92b exact match on Win7
The format in Fingerbank is in this format:
1,15,3,6,44,46,47,31,33,121,249,43,0,80
I opened up Wireshark and captured the DHCP traffic between my laptop and the router and I can see where Fingerbank is getting the above information. I took a look at the DHCP request and the above numbers correspond to the different parameters under "Bootstrap Protocol" > "Option 55," almost to a T.
The main question is how would I translate a Fingerbank DHCP fingerprint into something that can be used on an Instant? Has anyone done this before?
As always, thanks for the help!
-Mike