ExtremeWireless (WiNG)


Client-2-Client communication monitor

  • 1.  Client-2-Client communication monitor

    Posted 10-31-2018 11:47
    Hello,

    I'm currently looking to disable client-2-client communication on our tunneled Guest network. Before that, I wanted to see if there is a way to know if this traffic exists.

    Is there a way to monitor Client-2-Client communication short of pkt-cpt for the subnets?

    Thanks in advance


  • 2.  RE: Client-2-Client communication monitor

    Posted 10-31-2018 12:05
    Add the line in the WLAN

    no client-client-communication to disable client-2-client

    If you enable this you can then use packet capture to monitor the dropped traffic

    OK, it's the reverse of what you were looking to do, but it's simple

    remote-debug live-pktcap rf-domain


  • 3.  RE: Client-2-Client communication monitor

    Posted 10-31-2018 12:44
    Hi Daniel,

    You would not be able to confirm short of a packet capture.
    It would be easier to turn on no client-2-client and run "service pktcap on drop" then look for wireless client-to-client output. Best place to start would be on an AP with the guest WLAN mapped.

    Note:
    On Guest WLAN there should be no reason for wireless clients to communicate with each other.
    Communication for the most part is direct to internet. So it would be safe to enable that setting.


  • 4.  RE: Client-2-Client communication monitor

    Posted 10-31-2018 17:07
    Only thing I can think of would be to do something like:
    Create an IPv4ACL and set it to allow from the wireless client subnet *to* the wireless client subnet and set up the ACL to log (which should then cause any traffic detected going from one wireless client on that subnet to another wireless client on that same subnet to get logged in the event viewer) and then apply this IPv4ACL to one of the APs.
    This is really a 'kludgey' way to try to test this though.
    As Daren mentioned, probably best to enable the option and then run the 'service pktcap on drop' command and look at the traffic.

    Or...if you don't want to YET enable the no client-2-client feature but just want to see if it's happening...then you could still run that command, but look for Source and Destination addresses of traffic that belong to the DHCP pool for the SSID you want to monitor. If you see traffic that is going back and forth between wireless clients on the subnet, then there *is* client-2-client traffic happening.

    I don't see any other way of checking this w/o the process getting more complicated.
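
The check described in the last reply (both source and destination inside the guest DHCP pool) can be run offline over addresses pulled from a capture. This is an added example, not code from the thread or from Extreme; the pool range and the `src,dst` input lines are constructed assumptions and do not represent the output format of any WiNG command.

```python
import ipaddress
from collections import Counter

# Assumed guest DHCP pool (constructed values; use the pool of the SSID being monitored).
# The gateway (.1 here) and subnet broadcast (.255) fall outside the pool, so
# client-to-gateway and broadcast traffic is not counted as client-to-client.
POOL_FIRST = ipaddress.ip_address("10.50.0.10")
POOL_LAST = ipaddress.ip_address("10.50.0.250")

# Constructed sample input: one "src,dst" pair per captured packet.
SAMPLE = """\
10.50.0.23,8.8.8.8
10.50.0.23,10.50.0.1
10.50.0.23,10.50.0.41
10.50.0.41,10.50.0.23
10.50.0.57,10.50.0.255
10.50.0.57,224.0.0.251
93.184.216.34,10.50.0.41
10.50.0.41,10.50.0.23
not-an-ip,10.50.0.23
"""


def in_pool(addr):
    """True if addr is an IPv4 address inside the guest DHCP pool."""
    return addr.version == 4 and POOL_FIRST <= addr <= POOL_LAST


def client_to_client(lines):
    """Count packets per unordered client pair where both ends are pool addresses."""
    pairs = Counter()
    for line in lines:
        line = line.strip()
        if not line:
            continue
        try:
            src, dst = (ipaddress.ip_address(f.strip()) for f in line.split(","))
        except ValueError:
            continue  # malformed line or wrong field count: skip it
        if src != dst and in_pool(src) and in_pool(dst):
            a, b = sorted((src, dst))
            pairs[(str(a), str(b))] += 1
    return pairs


if __name__ == "__main__":
    for (a, b), count in client_to_client(SAMPLE.splitlines()).most_common():
        print(f"{a} <-> {b}: {count} packets")
```

Any pair reported here is traffic that enabling the no client-2-client setting would drop.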