Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
459
Views
0
Helpful
2
Replies

Rogue IP addresses on my WAN links

terry.greene
Level 1
Level 1

‎11-15-2004 01:17 PM - edited ‎03-02-2019 07:58 PM

It appears I have a device with a misconfigured IP address in the form of 192.168.0.x on one of my various WAN links. I found the issue because my dial backup using 192.168.0.0/24 has started coming up every 12 minutes when a packet from my core DNS server is sent to that IP address. When I do a trace of the traffic at the port where my DNS server is attached, the source MAC address is the sending router interface. I captured a trace of the traffic where a core router enters our network, but the source MAC address for that IP address is again the sending interface of that router. Is there a way to find the device using a local sniffer trace? If not, any ideas how to find the rogue device on whatever WAN link it resides? I've verified the IP address causing the problem is not a valid IP address currently in use on our network.

Thanks,

Terry G

Labels:
0 Helpful
2 Replies 2

smalkeric
Level 6
Level 6

‎11-19-2004 02:30 PM

Use access lists to block all traffics with a source IP address of your internal network, this will eliminate this problem. This is also a best practise in Network Security

0 Helpful

gaban
Level 1
Level 1

‎11-23-2004 09:49 AM

has anybody installed a DHCP server that is dishing out that Address?

0 Helpful
Customers Also Viewed These Support Documents