sirius7
asked on
how do I find a device on my network?
Ran a belarc program and it showed a wireless netgear on my lan but I can find it anywhere. I want to track it down but dont know how. I was able to get its ip and physical address but nothing else. Is there a way to effectively block it by GPO or any other way?
Does the lan have managed switches? Do you know the mac address? If so you should be able to find out the switch and port that the offending device is plugged into.
Using snmp on Cisco switches, you would be able to do so. What kind of switch do you have?
ASKER
I have a dell powerconnect 3448p but Im really unfamiliar with it. Snmp I know.
I think using the command "show mac-address-table" on your switch(es) you should be able to locate the switchport where the device is connected to (see http://support.dell.com/support/edocs/network/5p788/clig/address.htm).
As the unknown device is probably a wireless router or access point you also might try to figure out the WLAN-SSID it is broadcasting. Depending on the size of the building(s) you might try to find the signal and go towards the point where the signal strength increases to find the sender.
ASKER
can i block it by mac address?
Maybe you can block it by mac address. It might be better though to identify the port it is connected to so you can find the physical device and talk to the user not to use the device anymore. Otherwise he might just change the device, the port, or the mac address and continue to use it.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
thank you
You're welcome :)
Thx for the points.
Thx for the points.
Not sure if the 34xx series has the command, but on the 35xx series you can create a MAC-Based ACL to block specific devices by MAC.
Here's the command cheat-sheet that I keep handy:
mac access-list rogues
deny any [MAC address of rogue] 00:00:00:00:00:00
deny [MAC address of rogue] 00:00:00:00:00:00 any
permit any any
exit
interface range ethernet all
service-acl input rogues
exit
Here's the command cheat-sheet that I keep handy:
mac access-list rogues
deny any [MAC address of rogue] 00:00:00:00:00:00
deny [MAC address of rogue] 00:00:00:00:00:00 any
permit any any
exit
interface range ethernet all
service-acl input rogues
exit