Jump to content

iPhone and IP addresses


chasdrury
 Share

Recommended Posts

How do iPhones get IP addresses assigned to them - i know that sounds a strange question, but we are seeing 20 iphones getting IP addresses on our DHCP server in one site. Now, that might not seem strange, but we have no WiFi. Not one access point> So the only thing that can be happening is plugging in via a cable if people are charging the phone (which they shouldn't do but that's another story). How can we stop the iPhones getting IP addresses when plugged in via cable - it seems very weird to me, not being an apple person i haven't the foggiest. Searching on the web seems to suggest there could only be rogue access point on the network - there definatley isn't!

Chas

Link to comment
Share on other sites

What os is your dhcp server?

NAP (network access protection) was introduced in Windows Server 2008 to force compliance when computers connect to the network, you can use a group policy to enforce the restriction to the device from connecting to the client computer.

You can also block certain classes or specifically ID'd devices from USB ports using the policy described here:*Control ALL USB Devices Using Group Policy or even turn the usb ports if you don't usb them.

Link to comment
Share on other sites

DHCP server is currently 2003 but will be 2008 R2 shortly so will look into NAP then.

We have filtered some of the MACs on the switches that pop up already.

Andy - I like the USB filtering, I didn't know you could be that specific, this I will look into - thanks.

The site where this is happening is a manufacturing facility - there are 2 different office blocks, and there are people in finance who are right next to the IT guys who have iPhones that have IP addresses on the network, and there is absolutely definately no access point there - we have scanned and used the channel checkers - you know the ones to pick the best channel if you do have wifi and nothing comes up. But there are also iPhones for people who belong to the departments 800 metres away, across a road so there'd have to be multiple access points.

Now that Andy gave me the MAC address range I will get one of the guys to check the MAC address range tomorrow to make sure they are definately coming from an iPhone. Presumably they are since they come up "Martyns iPhone" or "Dianes iPhone" for example.

Cheers.....

Chas

Link to comment
Share on other sites

If you have some decent managed switches, trace the source port of the mac-address. On a Cisco, you would use "show mac-address-table" to do this. This will tell you exactly where they are in your network.

Even though you're sure they haven't, my hunch is someone has introduced a rogue AP.

Link to comment
Share on other sites

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
 Share

×
×
  • Create New...