Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
901
Views
2
Helpful
10
Replies

Is There Any Way To Show The MACs Of Only Directly Connected Devices?

Go to solution
bpam
Level 1
Level 1

‎06-15-2023 05:44 AM

Good Day,

I have a Catalyst switch with a WAP connected to one port, when I perform a "sh mac address-table" I receive a bunch of MAC addresses of the devices connected to the WAP. Is there any way to only get information for devices physically connected to to an access port?

Thank you in advance

0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
bpam
Level 1
Level 1

‎06-16-2023 06:51 AM

Thanks for all of the input, I believe I have come up a workable solution.

First off to clarify. What I want is a list of devices that are physically connected to the switch and nothing else. My issue with the MAC addresses shown on the WAP ports is that they are non-existent so confirming the validity is futile.

My solution is to work with the output provided. I've appended a basic regex to my sh mac address-table command which will include only VLANs I want (in this case I want to exclude the WAP VLAN) and make sure the MAC is associate with a physical port.

sh mac address-table | include (.*120|121|162|163)(.*Gi)

This does the trick and I am now pulling the MAC addresses of devices directly connected to a switch port.

 

View solution in original post

0 Helpful

Go to solution
Joseph W. Doherty
Hall of Fame
Hall of Fame
In response to bpam

‎06-16-2023 07:52 AM

That's fine!

Basically, the "inverse" of my "Doesn't MAC table show associated port?  If so, exclude port connected to AP.", but perhaps I should have further clarified what I had in mind for how to exclude (i.e. using sh mac address-table | exclude <reg-ex for WAP port>).  If what I had in mind, can be used, in theory, it might be easier to maintain.

Your approach, though, offers the advantage of NOT including extraneous data, like the table's headers, etc.

View solution in original post

0 Helpful
10 Replies 10

Go to solution
MHM Cisco World
VIP
VIP

‎06-15-2023 05:46 AM

Show cdp can help you I think

0 Helpful

Go to solution
Leo Laohoo
Hall of Fame
Hall of Fame

‎06-15-2023 05:48 AM 

sh mac address interface <PORT>
0 Helpful

Go to solution
bpam
Level 1
Level 1

‎06-15-2023 07:04 AM

Thank for the quick response. Running sh cdp neighbors I only see the MAC address of the core switch connected to it but I see no other endpoints.

sh mac address interface <PORT> shows all MAC addresses connected to the WAP (as well as the WAPs MAC). These addresses appear to be fake and I'm trying to figure out the best way to validate connected devices are authorized.

0 Helpful

Go to solution
MHM Cisco World
VIP
VIP
In response to bpam

‎06-15-2023 07:45 AM

Use any l2 auth' otherwise you dont know which mac for which wireless client 

0 Helpful

Go to solution
Leo Laohoo
Hall of Fame
Hall of Fame
In response to bpam

‎06-15-2023 04:10 PM

Uhhhhh ... Wut? 

You want to see the MAC addresses from a port connected to a Cisco AP?  Not going to happen.  The only MAC address will be of the AP.  Everything from that port is encapsulated inside a CAPWAP tunnel.

Go to solution
MHM Cisco World
VIP
VIP
In response to Leo Laohoo

‎06-15-2023 04:22 PM

if he use local switching then the mac of wifi host will appear in mac address table 

0 Helpful

Go to solution
Joseph W. Doherty
Hall of Fame
Hall of Fame
In response to Leo Laohoo

‎06-15-2023 04:52 PM

True for LWAP, not true for a non-LWAP AP.  (I know, I know, who still use such.)

If a LWAP, you're correct, you wouldn't see the wireless host MACs.

0 Helpful

Go to solution
Joseph W. Doherty
Hall of Fame
Hall of Fame

‎06-15-2023 09:07 AM

Doesn't MAC table show associated port?  If so, exclude port connected to AP.

Go to solution
bpam
Level 1
Level 1

‎06-16-2023 06:51 AM

Thanks for all of the input, I believe I have come up a workable solution.

First off to clarify. What I want is a list of devices that are physically connected to the switch and nothing else. My issue with the MAC addresses shown on the WAP ports is that they are non-existent so confirming the validity is futile.

My solution is to work with the output provided. I've appended a basic regex to my sh mac address-table command which will include only VLANs I want (in this case I want to exclude the WAP VLAN) and make sure the MAC is associate with a physical port.

sh mac address-table | include (.*120|121|162|163)(.*Gi)

This does the trick and I am now pulling the MAC addresses of devices directly connected to a switch port.

 

0 Helpful

Go to solution
Joseph W. Doherty
Hall of Fame
Hall of Fame
In response to bpam

‎06-16-2023 07:52 AM

That's fine!

Basically, the "inverse" of my "Doesn't MAC table show associated port?  If so, exclude port connected to AP.", but perhaps I should have further clarified what I had in mind for how to exclude (i.e. using sh mac address-table | exclude <reg-ex for WAP port>).  If what I had in mind, can be used, in theory, it might be easier to maintain.

Your approach, though, offers the advantage of NOT including extraneous data, like the table's headers, etc.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card