Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

WLSE and MAC spoofing

Hello,

My WLSE has detected several Client MAC Spoofing.

I have some questions about:

- the type of the spoof:

MAC_spoof 19 for example.

What is the meaning of the index ?

- the Spoof User Id:

"Client MAC Spoofing Detected on [MAC address] , host/XXXXXXX and on AP"

Does the spoof user id refers to:

- the computer which has spoofed the displayed MAC address (the illegal one)

- or the computer which originally had this MAC address (the legal one) ?

Im wondering this because the spoofed MAC address only refers to a single computer in "Reports > Wireless Clients", even when the "Spoof User Id" refers to a "clean" computer (allowed in the network)

I didn't find much about this in the Cisco documentation.

Any help ?

thanks

2 REPLIES
Blue

Re: WLSE and MAC spoofing

New Member

Re: WLSE and MAC spoofing

Hello,

Thanks for your answer.

Anyway, there is no explanation about the spoof index. I would like to know what refers to this index because, i have several errors, detected by the same AP with the same MAC address and the same spoof user id. The only difference between those errors is the spoof id.

Does someone know ?

Thanks.

133
Views
0
Helpful
2
Replies