How to find out who is trying to connect to my radius client

[Exterous]

We have a radius client setup and something is trying to constantly connect to it (and failing for improper authentication). Is there any good way to narrow down the location of the device other than walking by everyone's desk and asking them?

Its not our laptops as group policy would handle authentication for those. It was something left here overnight

[seepy83]

If you know the IP, I would look in DHCP to find out its MAC address. If you have managed switches, you should be able to look through the MAC address table and find out what port it's connected to. Trace the port back to a jack # and go from there.

[Exterous]

Quote:

Originally Posted by seepy83

If you know the IP, I would look in DHCP to find out its MAC address. If you have managed switches, you should be able to look through the MAC address table and find out what port it's connected to. Trace the port back to a jack # and go from there.

Eh - sorry it was trying to authenticate to our secured Wifi. Whatever it was stopped. I had resorted to 'door to door' and while I didn't find it maybe the word got out and someone realized they had tried to connect to our secure network instead of the guest on...or something....

[SagaLore]

Let them connect and run a packet capture on everything they do.