I'm trying to use SNMP to track information as to whats connected to our access points. The purpose is basic security and auditing in case of a problem ( virus, technical problem, etc ). We're already able to capture what wired devices are connected, but not the MAC addresses of the wireless clients.
We're employing Cisco Aironet APs, and looking around the MIBs, I found one object that has what I want, but it's not accessible.
cDot11ClientAddress OBJECT-TYPE SYNTAX MacAddress MAX-ACCESS not-accessible STATUS current DESCRIPTION "The MAC address of the client." ::= { cDot11ClientConfigInfoEntry 1 }
Does any one know another way to get this information via SNMP? (We're using SNMP linked to a database to monitor a large network, so third party tool integration is not a real option. )
Try walking the MIB tree starting at: 1.3.6.1.2.1.3.1.1 (or possibly 1.3.6.1.2.1.4.22.1.2) You should get a table of MAC Addresses and corresponding IP addresses. I'm not 100.0% sure this is the correct OID, but it's close. Use the MIB browser to be sure.
What model Cisco Aironet access point? What operating system are you using for your MIB browser? What utilities do you have availble (i.e. Net-SNMP). What MIB browser are you using? Which MIB file are you looking at? Which 3rd party application? Why so vague? Why me?
I'm accessing 1210s and 350s using HPOV tools ( mibtable specifically ) off of Solaris. Unfortunately, of those OIDs only one works ( 1.3.6.1.2.1.3.1.1 is deprecated and not-accessible ). The other one appears to refer to the device's own NICs ( the associated IP addresses are sequential, and the related MIB is 1213 which does not include wireless info ).
I'll assume you have the corresponding MIB files. I'm not terribly familiar with HP OpenView. For Windoze, I use GetIF 2.3.1 for mib browseing.
formatting link
's a small trick to using it effectively. The directory: c:\\program files\\getif 2.3.1\\mibs\\ contains all the MIB files. Dump your Cisco vendor specific files into the directory and erase the .index file. It will be recreated when you run the program. Then, GetIF can find the MIB files. Point it at your Cisco routers and dump the entire MIB tree. You should find a section near the OID's I specified that contain a mess of MAC addresses.
I'm not sure what the MIB browser of fashion is for Solaris. Mostly, I use Net-SNMP at:
formatting link
snmpwalk to dump the MIB tree with whatever options are necessary to get a proper description instead of a numeric OID.
There are better MIB browsers with more artistic user interfaces available. The ones with a "tree view" might be more useful in finding the correct section.
Wonderful. I used a DWL-900AP+ to check the OID. Probably ancient. I don't have a 1200 or 350 series router to test. I probably made a bad guess as to whether I was looking at MAC addresses from workstation on the ethernet interface, or MAC addresses on the wireless side. It's in there (somewhere). Sorry.
In self defense, I'm NOT going to try to extract the proper OID from a router that I don't have in front of my face. I've done it wrong too often and find that such things are best done with a MIB browser or snmpwalk. However, if you're desperate, I can download the Cisco wireless MIB files and give it a try.
You mean topic drift? Vague questions are the way to guarantee topic drift. If you want a specific answer, kindly supply sufficient information or you will surely get an off topic answer. The absolute minimum is:
What are you trying to accomplish?
What do you have to work with?
Yep. Walk the MIB tree. You know the MAC addresses of your wireless devices so you should be able to spot where in the tree they are located. Watch out for SNMP tables that move around (i.e. last digit of OID changes). It's probably in the IEEE802dot11 MIB.
Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here.
All logos and trade names are the property of their respective owners.