Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

HELP - Block MAC address with CiscoWorks LMS 3.0

Hello,

Is it possible with CiscoWorks LMS 3.0 to block a certain MAC address from the network and notify an administrator when the computer with that MAC address tries to get access to the network?

Please answer as soon as possible.

Thank you

Lindsay

1 ACCEPTED SOLUTION

Accepted Solutions
Cisco Employee

Re: HELP - Block MAC address with CiscoWorks LMS 3.0

You won't be able to do this with CiscoWorks. However, you can run UT reports in LMS that show the MAC addresses currently connected and you take action from there.

6 REPLIES
Gold

Re: HELP - Block MAC address with CiscoWorks LMS 3.0

well i do not know if it is possible in ciscoworks but there are several different possibilities in the switches and so on.

This however does indicate that the aggressor does not know that you are tracing the mac addresses or them for that matter.

Changing the mac address is easy for anyone on basically any system made today.

so what is it that you realy want to achieve?

New Member

Re: HELP - Block MAC address with CiscoWorks LMS 3.0

I am currently implementing ciscoworks on my network, but i don't wont that some portables (from my company - so I know the MAC's and they aren't changing soon) are able to get on my network.

if however they do get on the network I want to be notified by email or sorts

if a simple solution is possible (next to ciscoworks) that is also welcome

Cisco Employee

Re: HELP - Block MAC address with CiscoWorks LMS 3.0

You won't be able to do this with CiscoWorks. However, you can run UT reports in LMS that show the MAC addresses currently connected and you take action from there.

New Member

Re: HELP - Block MAC address with CiscoWorks LMS 3.0

hi, I've tried that but I couldn't find anything that would then alert the administrator, I could only generate a report and see if that MAC address was found.

It's not really what I wanted.

But thanks for letting me know that it's impossible to do this with CiscoWorks.

Gold

Re: HELP - Block MAC address with CiscoWorks LMS 3.0

what you can/could do if it is a fairly small network is use a sniffer software and just let it roll on and have a filter that filters out everything exept these mac addresses.

when they get out on the network they will send gratitious arps or a dhcp request and you will see them instantly.

This is just 1 way of doing it.

there are a few others i could think of.

HTH

Re: HELP - Block MAC address with CiscoWorks LMS 3.0

its just an assumption - I haven't tried it yet and it requires a little bit of scripting...

with LMS 3.x there is the possibility to make use of the Dynamic UserTracking where a switch Port will send a specific Trap to Campus Manager which inturns updates the User Tracking Table. So you can periodically generate a UT report from cli (ut -cli ... see below for hlep) and let a script parse the content of the report to find matches against a given list. If successfull, send an email with the detailed data from the UT Report;

(see online help: http://:1741/help/CMcore/CmHelp/index.html?Ut_UtCli_Cmd.html

381
Views
0
Helpful
6
Replies