Wireless Access

last person joined: yesterday 

Access network design for branch, remote, outdoor, and campus locations with HPE Aruba Networking access points and mobility controllers.
Back to discussions
Expand all | Collapse all

Find a device by MAC

This thread has been viewed 0 times

  • 1.  Find a device by MAC

    Posted Sep 13, 2013 11:55 AM

    I have a bunch of 93H access points, and there is a rouge router attached to one with a MAC address I'd determined from some packet captures.  What is the best route to take to determine which AP this is attached to?  The ports are designed to plug in and go (which we are changing in a few weeks) so no authentication is required.

     

    On the switches I can run the show mac-address-table.  When I run that on the controller it seems to only give its own MAC addresses.

     

    Any suggestions on the route I should take?

     

    Thanks!



  • 2.  RE: Find a device by MAC

    EMPLOYEE
    Posted Sep 13, 2013 02:37 PM

    How are the ports configured? Bridge mode?



  • 3.  RE: Find a device by MAC
    Best Answer

    EMPLOYEE
    Posted Sep 13, 2013 03:38 PM

    The issue is your ports are set to "trusted" meaning they are bypassing all firewall and visiblity. Can I make a suggestion?  The below will retain your "plug and go" method but will use Aruba's firewall for device/client tracking on the wired ports.

     

    1. Create a aaa profile.  Assign NO MAC, 802.1x, or server group.  Set the INITIAL ROLE to authenticated.  This will still allow all traffic through.

     

    2. Create your wired port profile as an "untrusted" port and then apply the aaa profile above.

     

    Voila!  You now have a ton more visibility (appRF also works here too!).  You can do a simple search for the MAC and find out AP and port # very easily.  This also gets reported to Airwave too.



  • 4.  RE: Find a device by MAC

    Posted Sep 16, 2013 11:09 AM

    Seth - thanks for the tip.  If this was Reddit, I'd probably give you reddit gold :smileyhappy: