wireless clients connected to wired network

WILLIAM STEGMAN
Level 4

I have a WLC 2112, and I want to be able to identify clients who are connected to our external wireless network while simultaneously connected to the wired internal LAN. APs that are wired and also emitting RF are recognizable by the WLC, but apparently not clients who are wired and connected to an unclassified or rogue AP. Is there a way to find these clients with wired and wireless connections?

thank you,

Bill

6 Replies

Leo Laohoo
Hall of Fame

Some network cards or BIOS have disabled LAN switching.

If you look at your switch logs you should see something like MAC addressing flapping between ports and .  That's a give-away.

Another is to look at your main console under "Rogue on Wired Network".

I set logging to informational but don't see any messages related to clients' MAC addresses flapping. If I go to Monitor, Rogues, Rogue Clients, it shows a client connected to an unclassified AP as Rogue. That AP is one of ours outside our LAN. If I connect my laptop to the outside AP, it shows me as a rogue client even if I am not simultaneously wired to the LAN.

thx

j-mccarthy
Level 1

ethernet nic and wireless nic will have different mac addresses

windows should prefer the ethernet nic over the wireless as it'll have a lower metric

do a route print on a client connected to wired and wireless networks and you should see the wired network is the preferred interface. there should be no "flapping" between interfaces.

Richard Atkin
Level 4

Hi Bill,

Unfortunately there's no easy way to achieve this in most situations.

The Wired & Wireless Interfaces will have different MAC Addresses, so there's nothing clever you can do at L2.

If you run 802.1x on the LAN & WLAN you could probably limit the number of concurrent sessions for a given username to 1, which would mean that whichever NIC came up first would be the one that stays active for the client. This is a bit messy and I've never tried it, but it should work.

The only sure-fire way I know of resolving this problem is by deploying CiscoSecure Services Client ('CSSC') which has the ability to force the Client to only use one NIC at a time, and you can prioritise the NICs so if they are both plugged in / turned on, you can say which should have priority.

Rgds,

Richard
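
An added example, not part of Richard's post or any Cisco tooling: if both the LAN and the WLAN authenticate with 802.1X against the same RADIUS server, accounting records can be correlated on username rather than MAC address to find users with a wired and a wireless session open at the same time. The record layout, the sample records and the function name are assumptions constructed for illustration; the NAS-Port-Type values (15 = Ethernet, 19 = Wireless-IEEE 802.11) are the standard RADIUS ones.

```python
from datetime import datetime

FMT = "%Y-%m-%d %H:%M:%S"
# Standard RADIUS NAS-Port-Type values: 15 = Ethernet, 19 = Wireless-IEEE 802.11
WIRED, WIRELESS = 15, 19

# Constructed sample accounting records (not from the thread):
# (timestamp, Acct-Status-Type, User-Name, NAS-Port-Type, Calling-Station-Id)
SAMPLE = [
    ("2024-01-10 08:00:00", "Start", "alice", 15, "00-11-22-33-44-55"),
    ("2024-01-10 08:05:00", "Start", "bob",   19, "66-77-88-99-AA-BB"),
    ("2024-01-10 08:30:00", "Start", "alice", 19, "00-11-22-33-44-66"),
    ("2024-01-10 09:00:00", "Stop",  "bob",   19, "66-77-88-99-AA-BB"),
    ("2024-01-10 09:10:00", "Start", "bob",   15, "66-77-88-99-AA-CC"),
    ("2024-01-10 09:45:00", "Stop",  "alice", 19, "00-11-22-33-44-66"),
    ("2024-01-10 10:00:00", "Start", "carol", 15, "DE-AD-BE-EF-00-01"),
]

def find_dual_connected(records):
    """Return one finding per moment a user gains a wired and a wireless
    session at the same time. Keyed on username because the two NICs
    have different MAC addresses."""
    open_sessions = {}  # user -> {port_type: set of MACs currently online}
    findings = []
    ordered = sorted(records, key=lambda r: datetime.strptime(r[0], FMT))
    for ts, status, user, port_type, mac in ordered:
        if port_type not in (WIRED, WIRELESS):
            continue  # ignore VPN, async and other port types
        sessions = open_sessions.setdefault(user, {WIRED: set(), WIRELESS: set()})
        if status == "Start":
            other = WIRELESS if port_type == WIRED else WIRED
            for other_mac in sorted(sessions[other]):
                wired_mac, wlan_mac = (
                    (mac, other_mac) if port_type == WIRED else (other_mac, mac)
                )
                findings.append({"user": user, "since": ts,
                                 "wired_mac": wired_mac, "wireless_mac": wlan_mac})
            sessions[port_type].add(mac)
        elif status == "Stop":
            # discard() tolerates a Stop whose Start was never logged
            sessions[port_type].discard(mac)
        # Interim-Update and other status types do not change session state
    return findings

if __name__ == "__main__":
    for f in find_dual_connected(SAMPLE):
        print(f)
```

This only sees sessions that authenticate through the RADIUS server; a client associated to an AP that does not use it produces no accounting record and will not appear.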

Thank you Richard. I was afraid it wasn't really possible with the APs and WLC alone. I think a sales rep and pre sales engineer were a bit overzealous in their claims.

wstegman wrote:

Thank you Richard. I was afraid it wasn't really possible with the APs and WLC alone. I think a sales rep and pre sales engineer were a bit overzealous in their claims.

I am soooooooooooooooo not going to make a swipe at this.  He he he ...

.
.
.
.

I'm sooooooooooooooooooo tempted.  But I just won't.
.
.
.
.
.
.
.
.
.
.
.
.
Let's just say that some Sales people make promises the company won't keep.   (There I said it!  Oh what a relief it is!)
