RIM (Blackberries), iPhones, Nokia's and Sony Mobiles. Connecting to Guest.

Unanswered Question
Oct 29th, 2009

Hello,


Is there a way to stop RIM (Blackberries) and iPhones, Nokia's and Sony from connecting to the guest network as they hog IP addresses?


I would like to do some "range" mac filtering or sommat, but only for iphones, and rim, and mobile devices, but not to stop apple ibooks etc etc We could use NAT to also alleviate the problem i suppose.


And a lot of these mobile devices appear twice as they dis-associate and then re-associate and there are redundant Anchor WLCs.


It is painful. Any Ideas guys?


Many thx

Ken




  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
ericgarnel Thu, 10/29/2009 - 05:43

Yes, it is painful. Unfortunately, there really isn't an easy solution in regards to preventing them from connecting on an open network. The last time I checked, there were at least 12 different mac-address ranges for the iphone, and that was before the 3gs came out!


Nat will help a lot! we use a 16bit address range for our wireless. I have also reserved 20 addresses outside of the scope that go thru a pair of PIXes and have static mappings & translations with ip any any for the infrequent requests for port-cut thru.


Here is a one-line that you can use for ISC-DHCP servers that can give you an indication of just how many "Iphone" users are pulling leases.


cat /var/db/dhcpd/dhcpd.leases | grep iPhone | awk '!($0 in a) {a[$0];print}' | wc -l


Subsitute Iphone for whatever for other devices

kfarrington Fri, 10/30/2009 - 08:36

Many thx indeed. I will give this a go and many thanks for your input Eric.


Kind regards,

Ken

Actions

This Discussion

 

 

Trending Topics - Security & Network