Unknown MAC address

We have installed a 526 Wireless controller and 520 express switch. As far as we can tell all is configured ok. We use wpa/enterprise with Radius server an clients authenticate OK and get an IP lease from our windows (SBS) dhcp server. Unfortunately we cannot ping this server, but we can ping all other computers on the network. The reason seems to be that we get a rogue mac address for the server's IP. If we wireshark it we see the server initially replying to the ARP WHO HAS correctly followed by another from a ASKYCOM device. This MAC then appears in the 520 gigabit uplink's mac table.
If we look on the network to which the 520 is connected this MAC address does not appear, so it seems as if it is being generated within the wireless system!
Anyone have any ideas?

Hi thanks your response. We have tracked the issue down (we think/hope!) to a rogue (with duplicate IP) on the wired network.
If we cleared the arp cache and pinged the server IP address (192.168.0.1) we get a good reponse to the ARP "whohas" followed by another from the rogue. However when on the wired side this seemed to have no effect and indeed the switches did not contain the rogue MAC address in their MAC address table, when on the wireless side it did cause a problem! We think it might be down to a user installed low cost switch using the common address we unfortunately selected for our server.

Similar Messages

Can iPhone 6 hotspot block unknown MAC addresses?

i am somewhat concerned that someone can hack my iPhone 6 hotspot.
is there a way to block devices with unknown MAC address from connecting to the hotspot?
is such a feature available, feasible, desirable?
anybody?
regards

Please anyone?

Router receives a frame/packet with unknown MAC address

Hi Everyone,
Lets assume that a router received a frame/packet on an interface due to switch did not have the destination mac address listed on its mac address table and therefore broadcatsed this packet out of all ports, and router receives that packet that was not even intended to reach it. Would the router route that packet or drop? Just wondering if my assumption is true and router would drop a frame/packet that it receives on an interface if the destination MAC address of this frame/packet is not a MAC address of the routers's interface that it was received on.
Thanks!

Hey but I don't think router ever does a destination mac check! (that's surprising indeed), looks like router does not check the destination information, until it strips off ip packet from the frame! have a look at what a router does when it receives a frame (with any destination mac addr) here:-
http://www.ciscopress.com/articles/article.asp?p=2244117&seqNum=2

Unknown MAC address connecting

I've got a WRT54G v6 that is password protected via WPA2 Personal TKIP+AES, and SSID broadcast enabled. In the Status menu > Local Netork > DHCP Clients Table there is a MAC Address listed that none of my devices have. Is there anyway I can find out what or where it is connecting from? Is there a way that I can keep it from connecting to my network? Thanks.

PB_G4_OS_X wrote:
All our devices, 2 Macs, 2 iPods and an iPhone all have different MAC addresses than the one odd MAC address that is showing up in my routers list. Our xbox is not configured to connect to the router although it does "see" the router. My sons girlfriend that ocassionally comes in has a smart phone but, shouldn't it disconnect when she goes out? The MAC address is still showing up on the list. Is there a way to keep smart phones or other devices from connecting to our router?
A certain device should disappear on the Clients Table List once it is not anymore connected to the router.
Try to ping the IP address of that device so we will know if it is still active or not.

ACE multiple mac-address for a single IP (solaris ipmp)

Dear All,
We are triing to load ballance smtp traffic to solaris mail servers that are using ip multipath in bridge mode configuration.Multipath is configured so that only one of the redundant interfaces replies to arp request. Therefore all of the traffic come to the solaris from the ACE on the primary interface, but solaris uses the secondary interface too with different mac address to answer.The load ballancing working correctly it does not matter if solaris answers the request with its primary (MAC known by ACE) or secondary interface (MAC not know by ACE). But if the solaris wants to create a tcp session that is not balanced but go through the ACE with secondary interface which mac-address is not know by ARP in the ACE, the packets are silently discarded. There is no logs about it.
Please if someone could know this behavior answer.
Regards,
szicsu

If you do a 'show np 1 me-stat '-socm'' you will see a counter catching the packet drops.
Drop [mac lookup fail]: 30 0
Drop [route lookup fail]: 14316 0
We can't setup connection for unknown mac-address or if we do not have a route.
We need to first learn the mac-address through the arp request/response mechanism.
This is during this process that the encap id is associated with the mac-address.
Without that encapid we can't create the connection to flow the traffic.
You can try to disable normalization to see if that could help, but I can't guarantee it.
Gilles.

Block curtain MAC-addresses on my WRT54GL

Hello
I use a Linksys WRT54GL for my wireless setup in my apartment. I have noticed that there sometimes are unknown MAC-addresses in "DHCP Clients Table". I guess it is my neighbours or someone on the street.
Am I able to block a curtain MAC-address, so I precent them to connect to my network. And how?
Best regards,
MAthias

Under the Wireless tab,click on the Wireless Mac Filter>>>>choose the option enable and click on the option "document.write("Prevent PCs listed below from accessing the wireless network.") Prevent PCs listed below from accessing the wireless network" and then,click on Edit Mac Filter List to enter the Mac Address which you want to prevent.

ARP table not populating mac address for previously reachable IP address

Router has been online and working fine with one BGP neighbor for almost 2 years and no downtime. 2 weeks ago, added a 2nd BGP peer. Everything worked fine for 2 weeks, then all of a sudden yesterday the 2nd BGP peer is disconnected and does not come back. ISP checks and sees everything looks fine on their end. We cannot even ping each other now.
Upon investigation, the ARP table is not even populating the MAC address for the BGP peer IP anymore (same local subnet). Stays "incomplete" in the table no matter what we do, including clearing arp table, changing IP address, etc.
Plug a laptop directly into the 2nd BGP peer FE port and replicate the IP addressing. Laptop cannot ping Router, but Router CAN ping laptop. Check ARP table, but STILL no mac address assigned and now not even the ARP table showing "incomplete".
Thinking it could be the FE interface, switch to the 2nd FE interface and perform same laptop test, this time with arbitrary IP addressing. Now cannot ping each other, no MAC in ARP table.
End up rebooting the router and lo-and-behold, everything is working normally again. 2nd BGP peer peers up instantly.
I should also mention that the 1st BGP peer worked flawlessly throughout, taking all the Internet load and having no issues throughout.
Also, the FE ports for the 2nd BGP peer are on an HWIC FE card plugged into the router. The 1st BGP peer is plugged into the built-in GE interface. 2901 running: c2900-universalk9-mz.SPA.151-4.M4.bin
Lastly, no router resource issues, no error messages, no logs. Just the BGP peer disconnecting.
I have never, in 20 years working with Cisco routers seen something like this before. This is the most fundamental aspect of IP and Ethernet that was not working.
Has anyone ever seen this behavior before??
Here is the router config (IP's changed):
version 15.1
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service internal
service sequence-numbers
boot-start-marker
boot-end-marker
logging buffered 150000
aaa new-model
aaa authentication login LAUTHEN local
aaa authentication login TAUTHEN local group tacacs+ enable
aaa authorization console
aaa authorization exec LAUTHOR local if-authenticated
aaa authorization exec TAUTHOR local group tacacs+ if-authenticated
aaa session-id common
clock timezone PST -8 0
clock summer-time PDT recurring
no ipv6 cef
no ip source-route
ip cef
no ip domain lookup
multilink bundle-name authenticated
username ubiadmin privilege 15 secret 4 .JbeuWXuZvchrG0OL.5BftFtqrrEyxcnVHn5rIuCnTk
username umitsnoc01 privilege 15 secret 4 cUmoRUjey9O1x.wk9S.kleX.iAAhCwihupr6Z98p6OA
redundancy
ip ssh version 2
track 1 interface GigabitEthernet0/0 line-protocol
class-map match-any AutoQoS-VoIP-RTP-Trust
match access-group name SIP-Media-INBOUND
class-map match-any AutoQoS-VoIP-Control-Trust
match ip dscp cs3
match ip dscp af31
class-map match-any Customer-Voice
match access-group name Customer-VPNs
class-map match-any media
match access-group name SIP-Media
class-map match-any signaling
match access-group name SIP-Signaling
policy-map AutoQoS-Policy-Trust
class AutoQoS-VoIP-RTP-Trust
priority percent 70
class AutoQoS-VoIP-Control-Trust
bandwidth percent 5
class class-default
fair-queue
policy-map queue
class signaling
bandwidth percent 5
class media
priority percent 50
class Customer-Voice
priority percent 40
class class-default
fair-queue
policy-map shape
class class-default
shape average 10000000
service-policy queue
interface Embedded-Service-Engine0/0
no ip address
shutdown
interface GigabitEthernet0/0
description BGP Peer 1
ip address 2.2.2.2 255.255.255.252
no ip redirects
ip flow ingress
ip flow egress
duplex auto
speed auto
service-policy output shape
interface GigabitEthernet0/1
description LAN
ip address 1.2.3.4 255.255.255.0
no ip redirects
ip flow ingress
ip flow egress
standby 255 ip 1.2.3.1
standby 255 priority 105
standby 255 preempt
standby 255 mac-address 1a2b.3c4d.5e6f
standby 255 track 1 decrement 10
duplex auto
speed auto
service-policy output AutoQoS-Policy-Trust
interface FastEthernet0/0/0
description BGP Peer 2
ip address 1.1.1.1 255.255.255.252
ip flow ingress
ip flow egress
duplex full
speed 100
service-policy output shape
interface FastEthernet0/0/1
no ip address
shutdown
duplex auto
speed auto
router bgp 7777
bgp router-id 2.2.2.2
bgp log-neighbor-changes
network 1.2.3.0 mask 255.255.255.0
neighbor 1.1.1.2 remote-as 5555
neighbor 1.1.1.2 update-source FastEthernet0/0/0
neighbor 1.1.1.2 prefix-list L3-DEFGW in
neighbor 1.1.1.2 route-map L3-LPREF-IN in
neighbor 2.2.2.1 remote-as 6666
neighbor 2.2.2.1 ebgp-multihop 2
neighbor 2.2.2.1 update-source GigabitEthernet0/0
neighbor 2.2.2.1 send-community
neighbor 2.2.2.1 prefix-list COLO-DEFGW in
neighbor 2.2.2.1 route-map COLO-LPREF-IN in
neighbor 2.2.2.1 route-map COLO-OUT out
ip forward-protocol nd
ip bgp-community new-format
ip as-path access-list 5 permit _5555_
ip as-path access-list 5 deny .*
ip as-path access-list 10 permit ^6666$
no ip http server
no ip http secure-server
ip flow-top-talkers
top 50
sort-by bytes
ip route 0.0.0.0 0.0.0.0 1.1.1.2 254 name L3
ip route 0.0.0.0 0.0.0.0 2.2.2.1 255 name COLO1
ip route 10.0.0.0 255.0.0.0 10.10.10.10 name FW_OUTSIDE
ip tacacs source-interface GigabitEthernet0/1
ip access-list standard SNMP_SOURCES
permit 12.12.12.0 0.0.0.255
deny any log
ip prefix-list L3-DEFGW seq 5 permit 0.0.0.0/0
ip prefix-list COLO-DEFGW seq 5 permit 0.0.0.0/0
ip prefix-list COLO-LPREF-OUT seq 5 permit 1.2.3.0/24
route-map COLO-LPREF-IN permit 5
match as-path 5
set local-preference 250
route-map COLO-LPREF-IN permit 10
set local-preference 150
route-map COLO-LPREF-IN permit 20
route-map COLO-OUT permit 10
match ip address prefix-list COLO-LPREF-OUT
set as-path prepend 7777 7777 7777
set community 29795:1004
route-map COLO-OUT permit 20
route-map L3-LPREF-IN permit 10
match as-path 10
set local-preference 200
route-map L3-LPREF-IN permit 20
set local-preference 150
snmp-server enable traps snmp authentication linkdown linkup coldstart warmstart
snmp-server enable traps vrrp
snmp-server enable traps flowmon
snmp-server enable traps transceiver all
snmp-server enable traps ds1
snmp-server enable traps call-home message-send-fail server-fail
snmp-server enable traps tty
snmp-server enable traps license
snmp-server enable traps envmon
snmp-server enable traps ethernet cfm cc mep-up mep-down cross-connect loop config
snmp-server enable traps ethernet cfm crosscheck mep-missing mep-unknown service-up
snmp-server enable traps flash insertion removal
snmp-server enable traps mac-notification
snmp-server enable traps aaa_server
snmp-server enable traps cef resource-failure peer-state-change peer-fib-state-change inconsistency
snmp-server enable traps memory bufferpeak
snmp-server enable traps config-copy
snmp-server enable traps config
snmp-server enable traps config-ctid
snmp-server enable traps event-manager
snmp-server enable traps hsrp
snmp-server enable traps cpu threshold
snmp-server enable traps rsvp
snmp-server enable traps syslog
snmp-server enable traps vtp
snmp-server enable traps ipsla

When you were checking the ARP table was there an entry for Fast0/0/0?
HTH
Rick

Use TCP, UDP, or other to communicate with UUT using MAC address instead of IP address

I want to verify that the Ethernet port on my UUT works.
My plan was to ping the UUT and verify that I got a response. However, the UUTs will come to test with an IP that I cannot use on the network. [Please don't ask me to explain why -- the IT group has their rules, and rules are rules after all . . . ]
I can query the UUT (via the serial port) for it's MAC address. But I cannot find any LabView VIs, or DOS executables which use the MAC address as a parameter to invoke a response from the device.
Does anybody have an idea of how I can verify the UUT Ethernet port without having to divorce myself from the company network and set up my own private network? [Oh and by the way, before somebody suggests it, the IT group won't let me put a 2nd network card in my PC -- rules are rules after all . . . .]

I wouldn't worry too much about the address shown in the Remote Management tab. The ARDAgent process, which is what is listening on his computer for connections from Remote Desktop, binds to all active network interfaces and ultimately that's all that matters. Of out curiosity though, to what IP address does the "unknown-b8-8d-##-##-##-##.home" dns name resolve? Is it the WAN address? I can't imagine it resolves to a private address like a 192.168.
In any event, let's focus back on the network structure. Does the BT router have both a hard wired LAN ethernet port as well as a WiFi radio for LAN connections? My guess is yes. I am also assuming that he does *not* have another router attached to the BT LAN ethernet port like an Airport basestation that is serving the WiFi connections. Typically, the LAN ethernet port is given, via DHCP, a real Internet accessible address but the addresses served via DHCP for wireless clients are private network addresses only. It's seems unlikely to me that the router is automatically forwarding incoming connections to a private network address on the WiFi network. But if he plugs his Mac in to the ethenert LAN port on the BT router then you should be able to connect directly to the address given to it via DHCP because it *should* be a real Internet accessible address.

Possible to import new mac address vendor code translation list in WCS 6?

Is it possible to import new (IEEE) vendor code list to get correct information regarding clients MAC-addresses? There are too many client vendor codes reported as "Unknown" lately......
Running 6.0.196.0.
/jonas

What is the mac address of the vendor OUI? Every new release of WCS contains the latest MAC vendor OUI so upgrading to WCS 7.0.164.3 should update the vendor's info.
If its a new device, please post the mac address, device, and vendor.

Unable to read MAC address of router at login

I'm using the following bash function to get the MAC address of the current router when logging in. The script works when I run it after logging in but doesn't work from my login hook (running as root). The script fails even after sleeping for 30 seconds prior to running. I know the interface is up because my mail client is finished checking mail by the time the script pings the router runs the arp command. I could run it as a cron job, but I'd like to understand why it fails during login.
<pre style="border: 1px solid #ddd; padding-left: .75ex; padding-top: .25em; padding-bottom: .25em; margin-top: .5em; margin-bottom: .5em; margin-left: 1ex; max-width: 80ex; overflow: auto; font-size: 10px; font-family: Monaco, 'Courier New', Courier, monospace; color: #444; background: #eee; line-height: normal">get_route_mac() {
ip=$(netstat -nrfinet | awk '/^default/{print $2; exit}')
[[ "$ip" = *.*.*.* ]] || return 1
[ ${1:-0} -gt 0 ] && ping -nc$1 $ip 2>&1 >/dev/null
arp -n $ip | sed -n 's/.* at $.*:.*:.*:.*:.*:.*$ on .*/\1/p'
</pre>
The idea is to do certain things when joining different networks. Especially when connected to an unknown network (stolen laptop recovery). I would like to support 10.3.9, so I'm avoiding launchd for now.

PWD=/
SHLVL=1
SECURITYSESSIONID=ceb19270
_=/usr/bin/printenv
uid=0(root) gid=0(wheel) groups=0(wheel)
The script works much better when it can find the required programs. :0)
which netstat awk ping arp sed
/usr/sbin/netstat
/usr/local/bin/awk
/sbin/ping
/usr/sbin/arp
/usr/bin/sed
<pre style="border: 1px solid #ddd; padding-left: .75ex; padding-top: .25em; padding-bottom: .25em; margin-top: .5em; margin-bottom: .5em; margin-left: 1ex; max-width: 80ex; overflow: auto; font-size: 10px; font-family: Monaco, 'Courier New', Courier, monospace; color: #444; background: #eee; line-height: normal">get_route_mac() {
ip=$(/usr/sbin/netstat -nrfinet | /usr/local/bin/awk '/^default/{print $2; exit}')
[[ "$ip" = *.*.*.* ]] || return 1
[ ${1:-0} -gt 0 ] && /sbin/ping -nc$1 $ip 2>&1 >/dev/null
/usr/sbin/arp -n $ip | /usr/bin/sed -n 's/.* at (.*:.*:.*:.*:.*:.*) on .*/ /p'
}</pre>
Thanks for your help, Bob!

Cisco Aiornet 1042 with MAC address

Hi,
I have a Cisco Aiornet, model AIR-AP1042N-E-K9.
I need to configure the AP to only certain MAC access.
I'm doing the configuration through the console.
The wireless network is not showing up in devices, anyone know why?
version 15.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
hostname ap_disi
logging rate-limit console 9
enable secret 5 xxxxx.
aaa new-model
aaa group server radius rad_eap
aaa group server radius rad_mac
aaa group server radius rad_acct
aaa group server radius rad_admin
aaa group server tacacs+ tac_admin
aaa group server radius rad_pmip
aaa group server radius dummy
aaa authentication login default local
aaa authentication login eap_methods group rad_eap
aaa authentication login mac_methods local
aaa authorization exec default local
aaa accounting network acct_methods start-stop group rad_acct
aaa session-id common
no ip routing
no ip cef
dot11 syslog
dot11 ssid DISI-WLAN24
authentication open
dot11 ssid DISIWIFI
authentication open mac-address mac_methods
authentication key-management wpa version 2
infrastructure-ssid
dot11 guest
username Cisco password 7 xxxx
username Admin privilege 15 password 7 xxxx
bridge irb
interface Dot11Radio0
no ip address
no ip route-cache
encryption mode ciphers aes-ccm
ssid DISI-WLAN24
ssid DISIWIFI
antenna gain 0
speed basic-1.0 2.0 5.5 11.0 6.0 9.0 12.0 18.0 24.0 36.0 48.0 54.0 m0. m1. m2. m3. m4. m5. m6. m7. m8. m9. m10. m11. m12. m13. m14. m15.
station-role root
l2-filter bridge-group-acl
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 spanning-disabled
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
interface Dot11Radio1
description AP SITAS
no ip address
no ip route-cache
encryption mode ciphers aes-ccm
ssid DISIWIFI
antenna gain 0
peakdetect
no dfs band block
speed basic-6.0 9.0 12.0 18.0 24.0 36.0 48.0 54.0 m0. m1. m2. m3. m4. m5. m6. m7. m8. m9. m10. m11. m12. m13. m14. m15.
channel dfs
station-role root
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 spanning-disabled
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
interface GigabitEthernet0
no ip address
no ip route-cache
duplex auto
speed auto
l2-filter bridge-group-acl
no keepalive
bridge-group 1
bridge-group 1 spanning-disabled
no bridge-group 1 source-learning
interface BVI1
ip address 192.168.0.252 255.255.254.0
no ip route-cache
ipv6 address dhcp
ipv6 address autoconfig
ipv6 enable
ip default-gateway 192.168.1.254
ip forward-protocol nd
ip http server
ip http authentication aaa
no ip http secure-server
ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
ip radius source-interface BVI1
access-list 700 permit 8830.8a24.7eb5 0000.0000.0000
access-list 700 deny 0000.0000.0000 ffff.ffff.ffff
snmp-server view dot11view ieee802dot11 included
snmp-server community public view dot11view RO
snmp-server location DISI
snmp-server contact SITAS
snmp-server enable traps snmp authentication linkdown linkup coldstart warmstart
snmp-server enable traps tty
snmp-server enable traps entity
snmp-server enable traps disassociate
snmp-server enable traps deauthenticate
snmp-server enable traps authenticate-fail
snmp-server enable traps dot11-qos
snmp-server enable traps switch-over
snmp-server enable traps rogue-ap
snmp-server enable traps wlan-wep
snmp-server enable traps config-copy
snmp-server enable traps config
snmp-server enable traps syslog
snmp-server enable traps cpu threshold
snmp-server enable traps aaa_server
snmp-server host 192.168.1.6 public
radius-server attribute 32 include-in-access-req format %h
radius-server vsa send accounting
bridge 1 route ip
line con 0
line vty 0 4
transport input all
sntp server 192.168.1.215
sntp broadcast client
end

Please refer: http://www.cisco.com/c/en/us/td/docs/wireless/access_point/12-4-25d-JA/Configuration/guide/cg_12_4_25d_JA/scg12-4-25d-JA-chap16-filters.html#wp1034897

851W - mac address changes destination port on bridge

Hello,
We have a 851w configured in bridge mode between the wireless lan and the wired local lan.
The mac addresses of the machines connected through wire keep changing the destination port on where they are registered.
If they are on FastEthernetX everything works ok, when they are on VLAN1 we loose connection between wire and wireless clients.
NORMAL OPERATION
Destination Address Address Type VLAN Destination Port
0019.7d83.xxxx          Dynamic        1     Vlan1
0021.8656.xxxx          Dynamic        1     FastEthernet0
0022.9064.xxxx          Self               1     Vlan1
ERROR: NO NETWORK
Destination Address Address Type VLAN Destination Port
0019.7d83.xxxx          Dynamic        1     Vlan1
0021.8656.xxxx          Dynamic        1     Vlan1
0022.9064.xxxx          Self               1     Vlan1
I tryed to debug using the various debug arp commands but didn't find any useful info.
Why does it change the destination port?
How can I make it stable?
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
hostname UM01
boot-start-marker
boot system flash:/c850-advsecurityk9-mz.124-11.XW6.bin
boot-end-marker
logging buffered 51200 warnings
dot11 ssid UM01
   vlan 1
   authentication open
   authentication key-management wpa
   guest-mode
   wpa-psk ascii 7 00101615105E3F233C1569
ip cef
bridge irb
interface FastEthernet0
no ip address
ip virtual-reassembly
no dot11 extension aironet
encryption vlan 1 mode ciphers aes-ccm
ssid UM01
speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0
channel 2412
station-role root
no cdp enable
interface Dot11Radio0.1
encapsulation dot1Q 1 native
no cdp enable
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 spanning-disabled
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
interface Vlan1
no ip address
ip tcp adjust-mss 1452
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 spanning-disabled
interface BVI1
description Bridge to Internal Network
ip address 10.10.189.254 255.255.255.0
no ip http server
no ip http secure-server
no cdp run
control-plane
bridge 1 protocol ieee
bridge 1 route ip
line con 0
privilege level 15
no modem enable
line aux 0
line vty 0 4
privilege level 15
transport input ssh
scheduler max-task-time 5000
end

FYI, the solution we found was to force the mac address of each wired computer to a physical interface and vlan 1.
This seems to have stabilize the communications, no more mac address hopping between destination port.

Device in the data base getting PXE aborted --unable to find machine using Mac address /resouce iD

hi
when I deploy osd to my unknown collection iam getting PXE aborted ..earlier we used to delete machines from sccm
by searching query based on Mac address .and clear last pxe advertisement option , but iam finding certain machines getting PXE aborted shows device in data base when we search these machines using mac address /resouce iD unable to find in sccm or
sccm data base . I have found some blogs where unknown collection parameters are changed to decommissioned value from "o" to "1"
but unable to build new unknown collection , its very difficult to delete machines from SCCM console every time when pxe aborted . machines are getting pxe aborted some way its known to SCCM ,its difficult to import machines every time before machines are
image .is there any permanent solution to override pxe aborted ,even systems are known to SCCM ,we are in sccm 2012 infrastructure
hoping a positive replay from all technical leads
thanks in advance
ankith

Hi,
"is there any permanent solution to override pxe aborted ,even systems are known to SCCM ,we are in sccm 2012 infrastructure"
I think there is not a permanent solution.
It could help if you first run the configuration manager report to locate a particular MAC address.
Best Regards,
Joyce
We
are trying to better understand customer views on social support experience, so your participation in this
interview project would be greatly appreciated if you have time.
Thanks for helping make community forums a great place.

MAC address problem

Hi all,
I am a newbie and would really appreciate it if someone can answer the following questions.
1. How does it work if a packet is send from one network to another network and the MAC of destination if unknown? My understanding is the sender's network gateway mac address is used as the MAC destination address. But how is it send to the destination?
2. Why do we need a MAC address? Isn't IP address enough?
3. How come there are some MAC address which does not exist in the network topology?
Many thanks again.
Richard

Richard
An IP address is not enough because the IP addresses cannot change (unless you are doing NAT but that is not relevant to this) but the mac addresses have to. An example might help -
H1 -> (int gi0/0) L3 switch (int gi0/1) -> S1
H1 = 192.168.5.10
S1 = 192.168.6.10
H1 wants to send a packet to S1 so it needs to send the packet to it's default gateway It does this by using the mac address of the gi0/0 interface on the L3 switch -
src mac = H1
dst mac = L3 gi0/0
src IP = 192.168.5.10
dst IP = 192.168.6.10
the L3 switch receives the packet and sees the destination IP is S1 and it has a direct connection so it sends the packet to S1 -
src mac = L3 int gi0/1
dst mac = S1
src IP = 192.168.5.10
dst IP = 192.168.6.10
notice how the IPs never change but the mac addresses do at each L3 hop.
If you just used the IP it wouldn't work because if the IP was the L3 gi0/0 IP the L3 switch would not know what the destInation IP is meant to be.
Note that i didn't cover ARP which resolves an IP to a mac address because i just wanted to keep it simple.
Hopefully that's helped with questions 1) and 2).
Not sure what you mean by question 3) ?
Jon

How do I restrict access to Wireless router (800 series) by mac address

I hope I'm in the correct area.
I'm trying to deny access to 3 wireless devices to the cisco 800 series wireless router
The MAC address are:
MAC Address    IP address      Device        Name            Parent         State
0014.6caf.410a 192.168.2.26    unknown       -               self           Assoc
9803.d8ba.cd42 192.168.2.41    unknown       -               self           Assoc
a4d1.d205.72e1 192.168.2.25    unknown
If this cannot be done is it poosible to assign the mac address to an ip address and then denying access to the ip address.
Thanks
Jon

Hello Jon,
You should be able to do it either way. Best way would be by IP address so you do not even allow the host to associate with your AP.
Looking for some Networking Assistance?
Contact me directly at [email protected]
I will fix your problem ASAP.
Cheers,
Julio Carvajal Segura
http://laguiadelnetworking.com

Unknown MAC address

Similar Messages

Maybe you are looking for