07-27-2007 07:42 AM - edited 03-05-2019 05:32 PM
Hi,
We are trying to identify specific MAC addresses when they connect to the network. We have 13000 users and 1000 Cisco switches.
These MAC addresses could appear at any time and may only be on the network for a short period.
Do you know the best way (and easiest way) to locate these addresses when they connect (in total there are about 100).
I know you can look at MAC address tables and ARP tables, but this is difficult when you don't know which location or switch they will connect to or at what time. Thus, we are looking for a more automatic solution.
Have you any ideas?
Your help would be much appreciated.
Thanks,
mark
07-27-2007 07:54 AM
Mark,
You can lookup for vendor name to whom this mac-address belongs to ,
http://www.coffer.com/mac_find/?string=00%3A0D%3A65
This will give you a idea what kind of device is it.
Hope that helps
Regards,
~JG
07-27-2007 07:55 AM
I suggest configuring 'mac address-table notification' in the switches and setup a SNMP server to sort this kind of information for you.
http://www.cisco.com/univercd/cc/td/doc/product/lan/cat3560/12225see/cr/cli1.htm#wp2002989
07-27-2007 08:22 AM
Thankyou for responding.
I acknowledge your suggestion, but it still would intale alot of sorting through data etc.
The organisation may think about moving to 802.1x authentication in the near future. Do you know whether this would help identify these MAC addresses and as such could we then block them from accessing the network.
Or could Ciscoworks help?
I'm not expecting you to know all the answers(believe it or not), but your views with respect to above questions would be appreciated.
Thanks again,
Mark
07-27-2007 08:33 AM
Maybe that's something you can ask in the Network Management section.
The SNMP server will have all the data you need, but you need a good front-end application to make this data readable and useful.
Sure, CiscoWorks will help but I'm not very familiar with the product. Openview would be another choice, to handle this SNMP data.
As far as 802.1x, it will also help but you have to create some kind of database for the allow/deny list or some kind of directory for the authentication process.
07-27-2007 08:43 AM
Thanks for you advise and time.
regards
Mark
07-27-2007 08:35 AM
Mark,
With Dot1x you can not identify but yes you would be able to deny unwanted user access to the network. Dot1x is a good option to have here as you have full control on the network.
Regards,
~JG
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: