Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
339
Views
0
Helpful
1
Replies

locate host with IP not belong to known network

shinji7800
Level 1
Level 1

‎12-17-2016 03:22 AM - edited ‎03-08-2019 08:36 AM

Hello,

I have a FW between two privates networks and it block multiples unknown  IP addresses (they don't belong to my two privates networks)

I'm would like to find a way to locate them.

I checked every ARP table but I didn't find them in it. (I think is normal because they don't belong to my private network)

I need to locate approximatively 15 addresses. I started by putting ACLs to try to find by what interface the flow came. But it's long and tedious, maybe there is a better way to do this.

thanks

best regards

Please forgive my approximate English, I'm French.

Labels:
0 Helpful
1 Reply 1

Richard Burts
Hall of Fame
Hall of Fame

‎12-17-2016 08:49 AM

Your approximate English is fine and I believe gives us a good understanding of your problem. You do not tell us what firewall is used in your network. My suggestion is based on the assumption that it would be ASA and I hope that is correct.

I suggest that you turn on deb arp on the firewall and look in the output for occurrences of requests from these addresses from other networks. The output should show which interface and the source mac address. You should then be able to look on what is connected to that interface and find the mac address and it should point you toward where that device is connected.

HTH

Rick

HTH

Rick
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card