Home

Forums

Stories

Knowledge Base

Business Community > Controllers > Omada give client gateway address instead of DHCP ip address range

< Controllers

Omada give client gateway address instead of DHCP ip address range

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

Omada give client gateway address instead of DHCP ip address range

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

puttskii

2020-10-05 03:42:15 - last edited 2021-04-08 07:13:26

Posts: 7

Helpful: 1

Solutions: 0

Stories: 0

Registered: 2019-03-06

Omada give client gateway address instead of DHCP ip address range

2020-10-05 03:42:15 - last edited 2021-04-08 07:13:26

Model: EAP225

Hardware Version: V3

Firmware Version: 2.20.1

Since Omada SDN (TL-R605 still "coming soon") doesn't have TP Link router as DHCP server, my ISP router act as DHCP server

I have PC as Omada SDN Server

4 EAP115

1 EAP225

But I don't understand why my EAP225 give client gateway address as ip address 192.168.1.1

is this some kind of hacking activity or what? because

my ISP router DHCP Server range 192.168.1.21 - 254
ISP router wifi connection never give 192.168.1.1 as ip address
all other 4 EAP115 never give 192.168.1.1 as ip addres

Only EAP225 sometimes give gateway address as ip address, not once not twice but it has been 5th times

1 Accepted Solution

R1D2

LV6

2020-10-09 07:21:14 - last edited 2021-04-08 07:13:26

Posts: 4334

Helpful: 1039

Solutions: 173

Stories: 3

Registered: 2015-12-05

Re:Omada give client gateway address instead of DHCP ip address range-Solution

2020-10-09 07:21:14 - last edited 2021-04-08 07:13:26

puttskii wrote

1. There is an option for DHCP Option 82

is it the answer?

2. I read more about this attack, it similar or it is ARP Spoofing, right?

1. No, it's not a single option. You need to harden your network against ARP cheating attacks, this means you have to take several actions which depend on your devices, on our network topology and your use case. First is to bind your gateway's MAC address to its IP on the gateway and the switch(es). Next is to use ACLs to block all traffic from/to 192.168.1.1 if the origin/destination is not the gateway.

TP-Link has even a FAQ about mitigation of ARP cheating, but it might not fully fit to your network topology: https://www.tp-link.com/lk/support/faq/169/

2. Yes, it's a type of an ARP spoofing attack, the attacker either tries to capture the Internet traffic destined to the gateway or to just bring down your network.

Of course, you could alternatively use a WPA2 key to secure your WLAN if all valid clients are known to you.

༺ 0100 1101 0010 10ཏ1 0010 0110 1010 1110 ༻

Recommended Solution

5 Reply

R1D2

LV6

2020-10-05 17:36:51 - last edited 2020-10-05 17:37:20

Posts: 4334

Helpful: 1039

Solutions: 173

Stories: 3

Registered: 2015-12-05

Re:Omada give client gateway address instead of DHCP ip address range

2020-10-05 17:36:51 - last edited 2020-10-05 17:37:20

puttskii wrote

But I don't understand why my EAP225 give client gateway address as ip address 192.168.1.1

is this some kind of hacking activity or what?

EAPs do not have a DHCP server and thus do not assign IPs to client devices.

Maybe the client device has set IP 192.168.1.1 statically and intentionally ignores your DHCP server.

What's more, the MAC address is not a public OUI, but a locally assigned MAC address (MAC addresses of the form 02:XX:XX:XX:XX:XX are kind of »private« MACs similar to »private« IPs 192.168.X.X).

I would ban this device and wait until the person complains. Then you could ask him what he is doing and why.

༺ 0100 1101 0010 10ཏ1 0010 0110 1010 1110 ༻

puttskii

LV1

2020-10-06 07:54:35

Posts: 7

Helpful: 1

Solutions: 0

Stories: 0

Registered: 2019-03-06

Re:Omada give client gateway address instead of DHCP ip address range

2020-10-06 07:54:35

@R1D2

You were right. I'm fighting this guy into a very long blocking list

Is there any way to prevent this?

Because everytime he log in with 192.168.1.1 all network is down, and I have manually block this guy to restore the connection

R1D2

LV6

2020-10-06 15:06:50

Posts: 4334

Helpful: 1039

Solutions: 173

Stories: 3

Registered: 2015-12-05

Re:Omada give client gateway address instead of DHCP ip address range

2020-10-06 15:06:50

@puttskii, you could prevent ARP cheating on your router by a static ARP binding of the gateway's IP address to its MAC. But I don't know how to do that on your router, please search the web for information how to enforce DHCP or how to prevent ARP cheating.

༺ 0100 1101 0010 10ཏ1 0010 0110 1010 1110 ༻

puttskii

LV1

2020-10-07 15:05:40

Posts: 7

Helpful: 1

Solutions: 0

Stories: 0

Registered: 2019-03-06

Re:Omada give client gateway address instead of DHCP ip address range

2020-10-07 15:05:40

@R1D2 my router is Huawei EG8245H5

There is an option for DHCP Option 82

is it the answer?

I read more about this attack, it similar or it is ARP Spoofing, right?

R1D2

LV6

2020-10-09 07:21:14 - last edited 2021-04-08 07:13:26

Posts: 4334

Helpful: 1039

Solutions: 173

Stories: 3

Registered: 2015-12-05

Re:Omada give client gateway address instead of DHCP ip address range-Solution

2020-10-09 07:21:14 - last edited 2021-04-08 07:13:26

puttskii wrote

1. There is an option for DHCP Option 82

is it the answer?

2. I read more about this attack, it similar or it is ARP Spoofing, right?

TP-Link has even a FAQ about mitigation of ARP cheating, but it might not fully fit to your network topology: https://www.tp-link.com/lk/support/faq/169/

2. Yes, it's a type of an ARP spoofing attack, the attacker either tries to capture the Internet traffic destined to the gateway or to just bring down your network.

Of course, you could alternatively use a WPA2 key to secure your WLAN if all valid clients are known to you.

༺ 0100 1101 0010 10ཏ1 0010 0110 1010 1110 ༻

Omada give client gateway address instead of DHCP ip address range

Omada give client gateway address instead of DHCP ip address range

Information

Voters 0

Tags