Cisco 1230 AP cDot11ClientAddress

Hi there,

I'm trying to receive the mac-address and ip-address for all the connected clients to our Cisco access-point by SNMP. The best way to do this seems with the cDot11ClientConfigInfoTable table.(CISCO-DOT11-ASSOCIATION-MIB OID: .1.3.6.1.4.1.9.9.273.1.2.1

The problem i have is that the mac-address of the clients isn't readable. The permission for this OID is 'not-accessible' (.1.3.6.1.4.1.9.9.273.1.2.1.1.1) The ip-address is not a problem, this oid(.1.3.6.1.4.1.9.9.273.1.2.1.1.16) is read-only.

Does any know if there is a possibility to change this permission or if there is another way to get the mac-address and ip-address from all the connected clients by SNMP(or in another way than SNMP)?

Kind regards,

Frank Zwart

Reply to
Frank
Loading thread data ...

What happens when you point a MIB browser at the top of the tree or run SNMPwalk on: .1.3.6.1.4.1.9.9.273.1.2.1.1 Do you MAC's under it? Probably not, but worth a try.

See: |

formatting link
|
formatting link
not-accessible. Very strange.

I can't find anywhere else where the MAC's might be listed. My usual brute force method is to connect with a known client, SNMPwalk the DOT11 part of the tree, and grep for the known MAC address of the client. It's in there, somewhere, maybe.

Whatever you're using as a MIB browser, did you grab *ALL* the MIB's? |

formatting link
Ummm... I don't suppose you would also care to disclose the model number and IOS version of your Cisco access point? There are bugs here and there.

Reply to
Jeff Liebermann

I allready did an SNMPwalk, there are some other OID's that show a MAC address. But there are no other OID's that give such a great overview of mac- & ipaddresses.

formatting link
|
formatting link
Yep. not-accessible. Very strange.

Very strange indeed, such a usefull table and only that collum not-accessible (by the web interface you can see a perfect overview of all connected clients!!) :-(

I allready did......for example in the rfc1213 mib, but not with the ip-address. Another advantage of cDot11ClientAddress OID is that it is always up to day.

formatting link
I downloaded a tarball from cisco ftpserver with all the mibs in it:-)

Do you know a website or where on the cisco site i could see a list of known bugs for each IOS version? I'm now running IOS version 12.2(13)JA4

Frank Zwart

Reply to
Frank

It's unusual to see the IP's because an access point is suppose to do everything at the MAC level (layer 2) and not get involved in IP layer (layer 3) stuff. I'm kinda suprised that the IP address is even listed. However, the AIR-AP1230A has a DHCP server, so I guess you're looking at the ARP table from the DHCP server. If true, then I suspect that clients with static IP's won't show up.

formatting link
> |
formatting link
> Yep. not-accessible. Very strange.

So it is written, so it shall be. (Yul Brenner in the C.B. DeMille version of The 10 commandments)

Yeah, it is kinda weird because it would be the perfect place to list the connections. I know you can dump ARP the table from IOS with: show ip arp brief show ip dhcp binding I would think that could also be extracted via SNMP, but I guess not.

The release notes for each version of IOS has all the fixed bugs. I don't think Cisco releases bug lists of unfixed bugs. (Note: I don't do much Cisco). Of course, there's the various security mailing lists and web piles:

formatting link
formatting link
CERT for +Cisco +SNMP yields 30 hits. Of course these are security issues, not implimentation bugs.

You might try the same question in one of the Cisco specific newsgroups and mailing lists. Sorry, I don't have a fix (or explanation).

Reply to
Jeff Liebermann

~ >> What happens when you point a MIB browser at the top of the tree or ~ >> run SNMPwalk on: ~ >> .1.3.6.1.4.1.9.9.273.1.2.1.1 ~ >> Do you MAC's under it? Probably not, but worth a try. ~ ~ >I allready did an SNMPwalk, there are some other OID's that show a MAC ~ >address. But there are no other OID's that give such a great overview ~ >of mac- & ipaddresses. ~ ~ It's unusual to see the IP's because an access point is suppose to do ~ everything at the MAC level (layer 2) and not get involved in IP layer ~ (layer 3) stuff. I'm kinda suprised that the IP address is even ~ listed. However, the AIR-AP1230A has a DHCP server, so I guess you're ~ looking at the ARP table from the DHCP server. If true, then I ~ suspect that clients with static IP's won't show up.

Actually, the AP sniffs the IP addresses in packets coming from the client, so it would see a client with a static IP (assuming that it emits packets.)

[ taking a pass on the SNMP oddities since I don't do much SNMP ]

Aaron

Reply to
Aaron Leonard

Why use the web interface when the IOS command line is available? Either of these IOS incantations can be run via telnet or SSH from an Expect script, DOS batch file, shell script, Perl script, AWK/NAWK script, VBS script, etc to parse the output into useable form. show ip arp brief show ip dhcp binding Lots of examples of IOS scripting scattered all over the web.

You didn't really disclose what you were planning to do with the MAC and IP addresses. Are you building something like "ARPwatch" or "SNMPwatch"?

Reply to
Jeff Liebermann

Thats correct, it does show the static ip's... but not the MAC's and as Jeff says: So it is written, so it shall be.

So snmp does not seems to be an option in this case i've need try it otherwise... I'm now trying to figure out how the code works the webinterface uses to retrieve the combination mac-ip.

Frank

Reply to
john doe

ow f*ck, my laptop was configured as John doe but it's me Frank :-)

Reply to
Frank

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.