Prevent\Detect Dual Homing

Is there a script to tweak the registry key that we can used to detected if wireless and wired NIC has been enabled simultaneously. Under this condition, the wireless NIC shall be disabled.

Thanks.

Reply to
happy.ppp
Loading thread data ...

f it is Windows XP, it should happen automatically.

see

formatting link

Reply to
Merv

If not Windows XP, set the interface route metrics so that the wired interface has a lower metric

Reply to
Merv

You does this by using route metric. However, for directly connected subnet of wireless NIC, you shall goes via the wireless NIC instead of the wired NIC. We want everything to goes thru the wired NIC and disable the wireless NIC in total.

Merv wrote:

Reply to
happy.ppp

Do anyone know of any script that tweak the registry to disable the wireless NIC when both the wired and wireless NIC is detected.

Pls advise and thanks.

happy.ppp wrote:

Reply to
happy.ppp

It is possible to bridge wireless and wired NIC in XP. Thus, this is why we want a script that disable the wireless NIC and left the wired NIC active.

Any out there can help. Thanks

happy.ppp wrote:

Reply to
happy.ppp

"registry key" is fairly specific to Microsoft Windows. The only thing that Windows has to do with Cisco is that some Cisco software products run on Windows.

I would suggest that you should ask in a Windows specific newsgroup. Most people are here for networking infrastructure, not host-level networking; someone here might -happen- to know the answer, but it isn't what we specialize in.

Another newsgroup where you might be able to get an answer is comp.security.misc .

Reply to
Walter Roberson

If you have Cisco switches, then turn on BPDU guard on the wired access ports. Then when the XP user configures bridging and turns on both wireless and wired adapters, the switch will shut down the port to the wired adapter. Not exactly what you're asking for, but it will at least thwart the bridging.

Aaron

Reply to
Aaron Leonard

Yes!!!

This is the key.

However, you do not need to rely on BPDU guard (I don't think)

Aaron, why will the wired adaptor lose in this situation?

You may be able to arrange the STP parameters to get the results that you want.

In Spanning Tree Protocol the most important thing is the root path cost so by varying the interface costs you should be able to get what you want. One way or another.

You will probably find that you have to turn off portfast which will result in additional delay when ports come up but with modern switches you will be able to tune the timers.

Post the topology ascii art or a link to a diagram and maybe something can be suggested.

Reply to
Bod43

snipped-for-privacy@hotmail.co.uk wrote: [use of bpdu guard from Cisco]

[snip]

Because if you can tweak the parameters, so can other people. But they can't stop BPDUs so it would be safer.

Reply to
Hansang Bae

I was, perhaps incorrectly, thinking that the windows boxes would be STP transparent. I recall now that I have seen that they are. Clearly in principle someone could bring in additional components that were STP active and break the network however I am not certain that this is a major consideration for most networks. It is I agree a consideration for big corporates.

Good to have you back by the way.

Reply to
Bod43

Further issue is that I don't think that switches in general are designed to have active STP on every port.

Too much work to do.

Seemed like fine idea for a while.

Reply to
Bod43

Thanks. I think this is a big gaping hole for a lot companies. NAC-like functionality is a good thing in concept. We'll see how it pans out - operationaly speaking.

Reply to
Hansang Bae

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.