Router log question

If your router is the DHCP server, yes, you'll see a log when the box renews its ip. You can check the DHCP table also to see what boxes are connected.

"maybenot" wrote in news:sjnjf.96$gm2.52@trndny03:

If machine is using a Static IP on the router, it will never be in the DHCP table since it's not a DHCP IP. If the router does have a syslog, then he'll be able to see in the logs the remote IP traffic is coming from that's being blocked. He'll see the LAN IP traffic is being sent from static or DHCP IP and the destination IP the traffic is being sent to.

Duane :)

As Duane mentioned I use static IP's on my LAN so there is no DHCP activity on the LAN side of the router. The activity in question is on the outside (or so I assume).

Here is a sample of the log (names have been changed to protect the innocent);

Nov/30/2005 03:18:26 DHCP Receive IP:##.##.85.17 ##.##.85.17 Nov/30/2005 03:18:26 DHCP Request ##.##.85.17 Nov/29/2005 22:21:15 Wireless PC connected 00-02-3A-2C-11-1C Nov/29/2005 22:20:00 Wireless PC connected 00-02-3A-2C-11-1C Nov/29/2005 12:02:07 Wireless PC connected 00-01-4F-09-E7-99 Nov/29/2005 03:18:27 DHCP Receive IP:##.##.85.17 ##.##.85.17 Nov/29/2005 03:18:27 DHCP Request ##.##.85.17 Nov/28/2005 03:18:26 DHCP Receive IP:##.##.85.17 ##.##.85.17 Nov/28/2005 03:18:26 DHCP Request ##.##.85.17 Nov/27/2005 20:09:49 Wireless PC connected 00-01-4F-09-E7-99...

I know the MAC address represented by "00-01-4F-09-E7-99" is my laptop but there are two other MAC addresses that I know are not mine. I am assuming this is acknowledgment of a connection to the router not of being allowed to pass thru?

Duane is correct, you'll not see LAN ip's that is assigned static. However, if you assigned ip reservation via DHCP table per MAC then it will. One way you can also check roque ip's is to check the outbound logs. If you see activity in the log for non ip you assigned then you know there's an alien.

you should be able to set the router to DENY access to