Come to think of it I have seen that on a Cisco... Cisco 2801 Cisco IOS Software, 2801 Software (C2801-ADVSECURITYK9-M), Version 12.4(21a), RELEASE SOFTWARE (fc1) Technical Support: http://www.cisco.com/techsupport Copyright (c) 1986-2008 by Cisco Systems, Inc. Compiled Mon 29-Sep-08 16:28 by prod_rel_team
Josh Luthman Office: 937-552-2340 Direct: 937-552-2343 1100 Wayne St Suite 1337 Troy, OH 45373 On Tue, May 1, 2012 at 1:20 PM, Craig Baird <[email protected]> wrote: > I have seen some devices "leak" DHCP out through the WAN, but not actually > give out any IPs. Specifically, I've seen numerous Cisco PIX firewalls do > it, and I've also seen a couple of Belkin routers behave this way. They > trigger Mikrotik's DHCP alert, but they aren't actually giving out IPs on > the WAN segment. Perhaps this is what's happening here... > > Craig > > > > Quoting Josh Luthman <[email protected]>: > >> Is the NSM2 in router or soho router mode? >> >> What version is it? There was a bug where NAT wasn't doing NAT right. >> >> Josh Luthman >> Office: 937-552-2340 >> Direct: 937-552-2343 >> 1100 Wayne St >> Suite 1337 >> Troy, OH 45373 >> >> >> On Tue, May 1, 2012 at 10:54 AM, Stuart Pierce <[email protected]> wrote: >>> >>> Well valid servers I think would be any mac address of what I >>> consider to be valid dhcp servers, so I only have one and that >>> is the Tik box itself. >>> >>> But I see alerts saying an unknown dhcp server and the mac >>> address is that of a NM2 that is in router mode. It's WAN is the >>> WLAN and it's in dhcp mode and the WLAN is not part of the >>> bridge. >>> So either the NM2 dhcp server is leaking out of the WLAN/WAN >>> side or the Tik box is whhhhacky. Hard to tell which one >>> anymore. >>> >>> ---------- Original Message ---------------------------------- >>> From: Josh Luthman <[email protected]> >>> Reply-To: Mikrotik discussions <[email protected]> >>> Date: Tue, 1 May 2012 11:51:37 -0400 >>> >>>> What you're looking for is a MAC address that is hosting a DHCP >>> >>> server >>>> >>>> that shouldn't. You might need to whitelist your own if it's >>> >>> the MT >>>> >>>> itself, but definitely need to if it's another device on the >>> >>> network. >>>> >>>> I can't recall for sure. >>>> >>>> Josh Luthman >>>> Office: 937-552-2340 >>>> Direct: 937-552-2343 >>>> 1100 Wayne St >>>> Suite 1337 >>>> Troy, OH 45373 >>>> >>>> >>>> On Tue, May 1, 2012 at 10:48 AM, Stuart Pierce >>> >>> <[email protected]> wrote: >>>>> >>>>> I set up a Tik box to just see/test out the dhcp alert and >>> >>> used >>>>> >>>>> the mac of the Tik ethernet port that the Tik dhcp server is >>>>> using to give out ip addresses as the valid server. >>>>> >>>>> So when I get an alert that a cpe, that is in router mode, is >>> >>> an >>>>> >>>>> unknown dhcp server.....what does that say ? >>>>> >>>>> >>>>> >>>>> >>>>> >>> ________________________________________________________________ >>>>> >>>>> Sent via the WebMail system at avolve.net >>>>> >>>>> >>>>> >>>>> >>>>> _______________________________________________ >>>>> Mikrotik mailing list >>>>> [email protected] >>>>> http://www.butchevans.com/mailman/listinfo/mikrotik >>>>> >>>>> Visit http://blog.butchevans.com/ for tutorials related to >>> >>> Mikrotik RouterOS >>>> >>>> _______________________________________________ >>>> Mikrotik mailing list >>>> [email protected] >>>> http://www.butchevans.com/mailman/listinfo/mikrotik >>>> >>>> Visit http://blog.butchevans.com/ for tutorials related to >>> >>> Mikrotik RouterOS >>>> >>>> >>> >>> >>> >>> >>> >>> ________________________________________________________________ >>> Sent via the WebMail system at avolve.net >>> >>> >>> >>> >>> _______________________________________________ >>> Mikrotik mailing list >>> [email protected] >>> http://www.butchevans.com/mailman/listinfo/mikrotik >>> >>> Visit http://blog.butchevans.com/ for tutorials related to Mikrotik >>> RouterOS >> >> _______________________________________________ >> Mikrotik mailing list >> [email protected] >> http://www.butchevans.com/mailman/listinfo/mikrotik >> >> Visit http://blog.butchevans.com/ for tutorials related to Mikrotik >> RouterOS >> >> > > > _______________________________________________ > Mikrotik mailing list > [email protected] > http://www.butchevans.com/mailman/listinfo/mikrotik > > Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS _______________________________________________ Mikrotik mailing list [email protected] http://www.butchevans.com/mailman/listinfo/mikrotik Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS
