chasdrury
Posted May 10, 2012

How do iPhones get IP addresses assigned to them? I know that sounds a strange question, but we are seeing 20 iPhones getting IP addresses on our DHCP server in one site. Now, that might not seem strange, but we have no WiFi. Not one access point. So the only thing that can be happening is plugging in via a cable if people are charging the phone (which they shouldn't do, but that's another story).

How can we stop the iPhones getting IP addresses when plugged in via cable? It seems very weird to me; not being an Apple person, I haven't the foggiest. Searching on the web seems to suggest there could only be a rogue access point on the network. There definitely isn't!

Chas

Andy_Bangle
Posted May 10, 2012

Off the top of my head I would try MAC address filtering: block everything in the 7C:C5:37:00:00:00 range.

burble
Posted May 10, 2012

The only way I can think this is happening is with a rogue AP, but if you're 100% sure there isn't one then I'm lost. When plugged in by USB they don't use IP to communicate; they can't be made to do so.

NewNiceMrMe
Posted May 10, 2012

Reserve a nice big IP scope on your DHCP server so they won't have any IP addresses to get..... (so very similar to the above, but it seems practical to do an IP range reservation on a DHCP server).

Andy_Bangle
Posted May 10, 2012

What OS is your DHCP server? NAP (Network Access Protection) was introduced in Windows Server 2008 to force compliance when computers connect to the network; you can use a group policy to enforce the restriction to the device from connecting to the client computer. You can also block certain classes or specifically ID'd devices from USB ports using the policy described here: Control ALL USB Devices Using Group Policy, or even turn off the USB ports if you don't use them.

NewNiceMrMe
Posted May 10, 2012

Ooo yes, that Group Policy advice would solve your issue immediately as it happens. That's a good one. (Unless they're not connecting that way, of course.)

chasdrury (Author)
Posted May 10, 2012

DHCP server is currently 2003 but will be 2008 R2 shortly, so will look into NAP then. We have filtered some of the MACs on the switches that pop up already. Andy, I like the USB filtering; I didn't know you could be that specific. This I will look into, thanks.

The site where this is happening is a manufacturing facility. There are 2 different office blocks, and there are people in finance who are right next to the IT guys who have iPhones that have IP addresses on the network, and there is absolutely definitely no access point there. We have scanned and used the channel checkers (you know, the ones to pick the best channel if you do have WiFi) and nothing comes up. But there are also iPhones for people who belong to the departments 800 metres away, across a road, so there'd have to be multiple access points.

Now that Andy gave me the MAC address range, I will get one of the guys to check the MAC address range tomorrow to make sure they are definitely coming from an iPhone. Presumably they are, since they come up "Martyns iPhone" or "Dianes iPhone" for example.

Cheers.....

Chas

chrisan
Posted May 10, 2012

If you have some decent managed switches, trace the source port of the mac-address. On a Cisco, you would use "show mac-address-table" to do this. This will tell you exactly where they are in your network. Even though you're sure they haven't, my hunch is someone has introduced a rogue AP.
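
The trace chrisan describes, as an added example (not code from any poster in this thread): it joins DHCP lease names to switch MAC-table entries and flags access ports that carry more than one phone. The lease list, the table text, the uplink port and all function names are constructed assumptions; the 7C:C5:37 prefix is the one quoted earlier in the thread.

```python
import re
from collections import defaultdict

# Constructed DHCP leases (hostname, MAC); not data from the thread.
LEASES = [
    ("Martyns-iPhone", "7c:c5:37:11:22:33"),
    ("Dianes-iPhone", "7C-C5-37-44-55-66"),
    ("FIN-PC-014", "00:1e:0b:aa:bb:cc"),
]

# Constructed text laid out like Cisco "show mac-address-table" output.
MAC_TABLE = """\
Vlan    Mac Address       Type        Ports
----    -----------       --------    -----
  10    7cc5.3711.2233    DYNAMIC     Fa0/7
  10    7cc5.3744.5566    DYNAMIC     Fa0/7
  10    001e.0baa.bbcc    DYNAMIC     Fa0/12
  10    7cc5.3711.2233    DYNAMIC     Gi0/1
"""
UPLINKS = {"Gi0/1"}  # assumption: inter-switch links, which see every MAC

ENTRY = re.compile(r"^\s*\d+\s+((?:[0-9a-f]{4}\.){2}[0-9a-f]{4})\s+\S+\s+(\S+)\s*$", re.I)

def norm(mac):
    """Reduce colon, dash or dotted MAC notation to 12 lowercase hex digits."""
    digits = re.sub(r"[^0-9a-f]", "", mac.lower())
    if len(digits) != 12:
        raise ValueError(f"not a MAC address: {mac!r}")
    return digits

def parse_mac_table(text):
    """Yield (mac, port) per table entry, skipping headers and rulers."""
    for line in text.splitlines():
        m = ENTRY.match(line)
        if m:
            yield norm(m.group(1)), m.group(2)

def locate(leases, table_text, oui="7cc537", uplinks=UPLINKS):
    """Map each access port to the leased hostnames whose MAC starts with oui."""
    names = {norm(mac): host for host, mac in leases if norm(mac).startswith(oui)}
    ports = defaultdict(list)
    for mac, port in parse_mac_table(table_text):
        if mac in names and port not in uplinks:
            ports[port].append(names[mac])
    return dict(ports)

def suspect_ports(ports):
    """Ports with several phones behind them point at an AP or unmanaged switch."""
    return sorted(p for p, hosts in ports.items() if len(hosts) > 1)
```

A single wired desk port should normally show one or two MACs, so a port returned by `suspect_ports` is the first place to look for an unauthorised access point.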

chasdrury (Author)
Posted May 10, 2012

Thanks Chris, will try that, too. They are all HP 5412 / 2910AL switches so that should work.....