Solved

Cisco DHCP, MAC Address,  Username Tracking

Posted on 2004-10-24
614 Views
Last Modified: 2013-11-16
How do we get Cisco to see the DHCP, MAC Address, and Username relationships for tracking purposes? Perhaps we can use PDM.
0
Question by:SilvaJohnA
    4 Comments
     
    LVL 79

    Accepted Solution

    by:
    I'm not sure what you are really asking, but assuming you are talking about PIX, the short answer - you can't.
    There is no mechanism within the pix to associate a username with any internal system.
    There is no mechanism within the pix to know whether an IP address is assigned by DHCP or not, unless the pix itself is the DHCP server - then it keeps a binding record of MAC address to IP address. Else, it only has an arp cache to maintain the MAC address to IP address.
    0
     
    LVL 3

    Assisted Solution

    by:MaxQ
    This isn't really firewall-related, but the Campus Manager module of CiscoWorks can do what you describe with a feature called User Tracking:

    http://www.cisco.com/en/US/products/sw/cscowork/ps563/products_user_guide_chapter09186a008017b40b.html

    For this to work CiscoWorks needs to have access to all of the switches where your users might be plugged in, and to associate usernames with IPs you also have to install a small script on your domain controller (assuming you're using Windows...there are ways to do it in Novell and Unix also).
    0
     
    LVL 79

    Expert Comment

    by:lrmoore
    Are you still working on this? Do you need more information?

    0
     
    LVL 79

    Expert Comment

    by:lrmoore
    How's it going? Have you found a solution? Do you need more information?
    Can you close this question?

    http://www.experts-exchange.com/help.jsp#hs5

    Thanks for attending to this long-forgotten question.

    <-8}
    0

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Learn The Basics of Ethical Hacking & Pen Testing

    Computer and network security is one of the fastest growing and most essential industries in technology, meaning companies will pay big bucks for ethical hackers. This is the perfect course to leap into this lucrative career, learning how to use ethical hacking to reveal ...

    Do you have a windows based Checkpoint SmartCenter for centralized Checkpoint management?  Have you ever backed up the firewall policy residing on the SmartCenter?  If you have then you know the hassles of connecting to the server, doing an upgrade_…
    The DROP (Spamhaus Don't Route Or Peer List) is a small list of IP address ranges that have been stolen or hijacked from their rightful owners. The DROP list is not a DNS based list.  It is designed to be downloaded as a file, with primary intention…
    This video Micro Tutorial is the first in a two-part series that shows how to create and use custom scanning profiles in Nuance's PaperPort 14.5 (http://www.experts-exchange.com/articles/17490/). But the ability to create custom scanning profiles al…
    This video Micro Tutorial is the second in a two-part series that shows how to create and use custom scanning profiles in Nuance's PaperPort 14.5 (http://www.experts-exchange.com/articles/17490/). But the ability to create custom scanning profiles a…

    884 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    16 Experts available now in Live!

    Get 1:1 Help Now