Finding MAC address of currently connected AP

Running XP, using the wireless zero configuration service, I need to find out the MAC address of the access point that I'm connected to. Netstumbler and similar programs can give me a list of all APs in range, but can't seem to tell me which AP was connected by WZC. How can I get the MAC of the AP that Windows chose?

Reply to
Rick Onanian
Loading thread data ...

On Fri, 18 Jan 2008 11:41:27 -0800 (PST), Rick Onanian wrote in :

Why would you care?

Reply to
John Navas

I have a network with many APs and sometimes Windows connects to one that's broken or possibly a rogue unauthorized AP. I need to figure out the MAC of the offending AP, at which point I can either identify it from a list I have of APs or use NetStumbler to find it by walking around and watching the signal strength.

Reply to
Rick Onanian

On Fri, 18 Jan 2008 13:00:59 -0800 (PST), Rick Onanian wrote in :

With multiple APs with the same SSID, Windows will normally connect to the strongest signal.

"ipconfig /all" can be run in a CMD window to get the MAC address.

No rogue AP should be an issue with WPA. Is that not bring used?!

Reply to
John Navas

That's what I thought, but there's a few that are almost equal where I get the bad one.

It doesn't show me the MAC of the AP for me, just the MAC of the computer's WiFi card.

It is not being used. It's a campus network and we do not use encryption. We do use

formatting link
for authentication for our students, both for WiFi and wired.

Reply to
Rick Onanian

arp -a will show the MAC addresses on you local LAN. If you are connected via WiFi, it should probably show only the AP.

Interface: 192.168.1.2 --- 0x2 Internet Address Physical Address Type 192.168.1.1 00-09-5b-ef-23-dd dynamic

The address should probably be your default gateway.

ipconfig /all |find "Gateway" Default Gateway . . . . . . . . . : 192.168.1.1

Reply to
dold

On Fri, 18 Jan 2008 13:25:22 -0800 (PST), Rick Onanian wrote in :

Check router IP from ipconfig against values displayed by "arp -a".

Yikes! That means all wireless is unencrypted and easily snooped. I would strongly recommend WPA Enterprise for that kind of environment.

Reply to
John Navas

I'd agree, but it would obviously require all the students to have WPA-Enterprise capable laptops, and to be tech-savvy enough to configure it. This may be impractical to insist on.

Also your WPA key would be public knowledge to thousands of geeks..... may as well not bother...

Reply to
Mark McIntyre

On Fri, 18 Jan 2008 23:59:00 +0000, Mark McIntyre wrote in :

Readily available on all platforms in a college environment, and very easy to configure and use.

On the contrary -- with WPA Enterprise, each user has unique credentials, and all sessions are isolated with one-time keys; i.e., user 1 can't sniff traffic of user 2 even with the unique credentials for user 2.

Reply to
John Navas

interesting.... I have a separate AP (just AP, not a combo router) and then a normal router. The MAC of the AP has no reason to appear in any list, since it is never used in an ARP exchange. It only showed in a ARP -a when I explicity Ping'd it.

Reply to
P.Schuman

In that case, does it show up as the default gateway, or does it disappear altogether?

Reply to
dold

Nope, not in this case. These Cisco "Lightweight" APs function as bridges. They have IP addresses that, AFAICT, are only used for communication with their central management console. It's similar to what "P.Schuman" described in his post to this thread.

Unlike his situation, the MAC does not end up in the arp table even if I ping the AP's IP address (which, again, is used only for communication with the central management console). This is because the AP's management IP is on a different subnet than its clients, so a laptop pinging it has to go through the gateway (which, btw, is in our server room).

Reply to
Rick Onanian

The MAC you get from that probably belongs to the wired interface, not the wireless. It sounds like your situation is smaller and simple enough to use something like NetStumbler or WiFi Hopper.

Reply to
Rick Onanian

The vendor utility for your WiFi client might offer more connection information. Mine allows me to select a WAP by SSID and has an advanced screen with the MAC address for further clarification amongst same-named WAPs.

One of the free "managers" probably provides a similar tool. Boingo and AT&T Connection Manager come to mind.

Reply to
dold

On Sun, 20 Jan 2008 18:07:23 -0600, "P.Schuman" wrote in :

The simple solution is to connect to the web management interface, present in most access points.

Reply to
John Navas

Rick Onanian hath wroth:

That's actually more difficult than it would seem. If you use the results of: arp -a you'll only get the MAC and IP address of the default gateway, not the connected wireless access point.

You could cheat and ping the management IP address of the access point followed by: arp -N "IP_address_of_access_point"

Vista greatly expanded the wireless diagnostic status options with the various: netsh wlan etc... incantations. For example: netsh wlan show networks mode=bssid or something like that, will show the available network connections with the BSSID (MAC address) of the access points. I don't have a Vista box handy to decode the incantation required to extract the currently connected access point.

In order to get the MAC address, it would need to come from the WZC program, or possibly the NDIS drivers for your wireless device. Some alternative drivers and wireless configuration utilities, such as Intel Proset, show the MAC address with the connection info. I think (not sure) the WZC status page (right click on the icon in the system tray or control panel) has the connected MAC address.

Reply to
Jeff Liebermann

On Tue, 22 Jan 2008 10:34:07 -0800, Jeff Liebermann wrote in :

Correct. Click the Support tab, and then the Details button.

Reply to
John Navas

Isn't that the MAC address of your NIC? It is in WinXP.

Reply to
dold

On Wed, 23 Jan 2008 00:45:58 +0000 (UTC), snipped-for-privacy@51.usenet.us.com wrote in :

Right you are. Thanks for catching that. I should have checked. [blush]

Reply to
John Navas

I think the simple, yet bigger question is - How can you tell the AP's apart for let's say a site survey or rogue AP's when using a central controller and remote dumb AP's like Aruba or others...

It's an interesting question overall.... hmmm Is there any other identifier that is transmitted that could be unique and picked up by Netstumbler ?

Reply to
P.Schuman

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.