Finding MAC address of currently connected AP

Running XP, using the wireless zero configuration service, I need to
find out the MAC address of the access point that I'm connected to.
Netstumbler and similar programs can give me a list of all APs in
range, but can't seem to tell me which AP was connected by WZC. How
can I get the MAC of the AP that Windows chose?

On Fri, 18 Jan 2008 11:41:27 -0800 (PST), Rick Onanian
<(E-Mail Removed)> wrote in
<df012679-a33c-44ae-bb12-(E-Mail Removed)>:

>Running XP, using the wireless zero configuration service, I need to
>find out the MAC address of the access point that I'm connected to.
>Netstumbler and similar programs can give me a list of all APs in
>range, but can't seem to tell me which AP was connected by WZC. How
>can I get the MAC of the AP that Windows chose?

Why would you care?

--
Best regards, FAQ for Wireless Internet: <http://Wireless.wikia.com>
John Navas FAQ for Wi-Fi: <http://wireless.wikia.com/wiki/Wi-Fi>
Wi-Fi How To: <http://wireless.wikia.com/wiki/Wi-Fi_HowTo>
Fixes to Wi-Fi Problems: <http://wireless.wikia.com/wiki/Wi-Fi_Fixes>

On Jan 18, 3:33*pm, John Navas <spamfilt...@navasgroup.com> wrote:
> <groups.theholy...@xoxy.net> wrote in
> >How can I get the MAC of the AP that Windows chose?
>
> Why would you care?

I have a network with many APs and sometimes Windows connects to one
that's broken or possibly a rogue unauthorized AP. I need to figure
out the MAC of the offending AP, at which point I can either identify
it from a list I have of APs or use NetStumbler to find it by walking
around and watching the signal strength.

On Fri, 18 Jan 2008 13:00:59 -0800 (PST), Rick Onanian
<(E-Mail Removed)> wrote in
<48f663f2-31a4-40d4-9599-(E-Mail Removed)>:

>On Jan 18, 3:33*pm, John Navas <spamfilt...@navasgroup.com> wrote:
>> <groups.theholy...@xoxy.net> wrote in
>> >How can I get the MAC of the AP that Windows chose?
>>
>> Why would you care?
>
>I have a network with many APs and sometimes Windows connects to one
>that's broken or possibly a rogue unauthorized AP. I need to figure
>out the MAC of the offending AP, at which point I can either identify
>it from a list I have of APs or use NetStumbler to find it by walking
>around and watching the signal strength.

With multiple APs with the same SSID, Windows will normally connect to
the strongest signal.

"ipconfig /all" can be run in a CMD window to get the MAC address.

No rogue AP should be an issue with WPA. Is that not bring used?!

--
Best regards, FAQ for Wireless Internet: <http://Wireless.wikia.com>
John Navas FAQ for Wi-Fi: <http://wireless.wikia.com/wiki/Wi-Fi>
Wi-Fi How To: <http://wireless.wikia.com/wiki/Wi-Fi_HowTo>
Fixes to Wi-Fi Problems: <http://wireless.wikia.com/wiki/Wi-Fi_Fixes>

On Jan 18, 4:15*pm, John Navas <spamfilt...@navasgroup.com> wrote:
> With multiple APs with the same SSID, Windows will normally connect to
> the strongest signal.

That's what I thought, but there's a few that are almost equal where I
get the bad one.

> "ipconfig /all" can be run in a CMD window to get the MAC address.

It doesn't show me the MAC of the AP for me, just the MAC of the
computer's WiFi card.

> No rogue AP should be an issue with WPA. *Is that not bring used?!

It is not being used. It's a campus network and we do not use
encryption. We do use http://netreg.sourceforge.net/ for
authentication for our students, both for WiFi and wired.

Rick Onanian <(E-Mail Removed)> wrote:
> Running XP, using the wireless zero configuration service, I need to
> find out the MAC address of the access point that I'm connected to.

arp -a will show the MAC addresses on you local LAN. If you are connected
via WiFi, it should probably show only the AP.

Interface: 192.168.1.2 --- 0x2
Internet Address Physical Address Type
192.168.1.1 00-09-5b-ef-23-dd dynamic

The address should probably be your default gateway.

ipconfig /all |find "Gateway"
Default Gateway . . . . . . . . . : 192.168.1.1

--
Clarence A Dold - Hidden Valley Lake, CA, USA GPS: 38.8,-122.5

On Fri, 18 Jan 2008 13:25:22 -0800 (PST), Rick Onanian
<(E-Mail Removed)> wrote in
<f0de0eba-10c3-4238-a2a5-(E-Mail Removed)>:

>On Jan 18, 4:15*pm, John Navas <spamfilt...@navasgroup.com> wrote:

>> "ipconfig /all" can be run in a CMD window to get the MAC address.
>
>It doesn't show me the MAC of the AP for me, just the MAC of the
>computer's WiFi card.

Check router IP from ipconfig against values displayed by "arp -a".

>> No rogue AP should be an issue with WPA. *Is that not bring used?!
>
>It is not being used. It's a campus network and we do not use
>encryption. We do use http://netreg.sourceforge.net/ for
>authentication for our students, both for WiFi and wired.

Yikes! That means all wireless is unencrypted and easily snooped.
I would strongly recommend WPA Enterprise for that kind of environment.

--
Best regards, FAQ for Wireless Internet: <http://Wireless.wikia.com>
John Navas FAQ for Wi-Fi: <http://wireless.wikia.com/wiki/Wi-Fi>
Wi-Fi How To: <http://wireless.wikia.com/wiki/Wi-Fi_HowTo>
Fixes to Wi-Fi Problems: <http://wireless.wikia.com/wiki/Wi-Fi_Fixes>

John Navas wrote:
> On Fri, 18 Jan 2008 13:25:22 -0800 (PST), Rick Onanian
> <(E-Mail Removed)> wrote in
> <f0de0eba-10c3-4238-a2a5-(E-Mail Removed)>:
>
>> On Jan 18, 4:15 pm, John Navas <spamfilt...@navasgroup.com> wrote:
>
>>> "ipconfig /all" can be run in a CMD window to get the MAC address.
>> It doesn't show me the MAC of the AP for me, just the MAC of the
>> computer's WiFi card.
>
> Check router IP from ipconfig against values displayed by "arp -a".
>
>>> No rogue AP should be an issue with WPA. Is that not bring used?!

>> It is not being used. It's a campus network and we do not use
>> encryption.
>
> Yikes! That means all wireless is unencrypted and easily snooped.
> I would strongly recommend WPA Enterprise for that kind of environment.

I'd agree, but it would obviously require all the students to have
WPA-Enterprise capable laptops, and to be tech-savvy enough to configure
it. This may be impractical to insist on.

Also your WPA key would be public knowledge to thousands of geeks.....
may as well not bother...



--
Mark McIntyre

CLC FAQ <http://c-faq.com/>
CLC readme: <http://www.ungerhu.com/jxh/clc.welcome.txt>

On Fri, 18 Jan 2008 23:59:00 +0000, Mark McIntyre
<(E-Mail Removed)> wrote in
<(E-Mail Removed)>:

>John Navas wrote:

>> Yikes! That means all wireless is unencrypted and easily snooped.
>> I would strongly recommend WPA Enterprise for that kind of environment.
>
>I'd agree, but it would obviously require all the students to have
>WPA-Enterprise capable laptops, and to be tech-savvy enough to configure
>it. This may be impractical to insist on.

Readily available on all platforms in a college environment, and very
easy to configure and use.

>Also your WPA key would be public knowledge to thousands of geeks.....
>may as well not bother...

On the contrary -- with WPA Enterprise, each user has unique
credentials, and all sessions are isolated with one-time keys; i.e.,
user 1 can't sniff traffic of user 2 even with the unique credentials
for user 2.

--
Best regards, FAQ for Wireless Internet: <http://Wireless.wikia.com>
John Navas FAQ for Wi-Fi: <http://wireless.wikia.com/wiki/Wi-Fi>
Wi-Fi How To: <http://wireless.wikia.com/wiki/Wi-Fi_HowTo>
Fixes to Wi-Fi Problems: <http://wireless.wikia.com/wiki/Wi-Fi_Fixes>

(E-Mail Removed) wrote:
> Rick Onanian <(E-Mail Removed)> wrote:
>> Running XP, using the wireless zero configuration service, I need to
>> find out the MAC address of the access point that I'm connected to.
>
> arp -a will show the MAC addresses on you local LAN. If you are
> connected via WiFi, it should probably show only the AP.
>
> Interface: 192.168.1.2 --- 0x2
> Internet Address Physical Address Type
> 192.168.1.1 00-09-5b-ef-23-dd dynamic
>
> The address should probably be your default gateway.
>
> ipconfig /all |find "Gateway"
> Default Gateway . . . . . . . . . : 192.168.1.1

interesting....
I have a separate AP (just AP, not a combo router)
and then a normal router.
The MAC of the AP has no reason to appear in any list,
since it is never used in an ARP exchange.
It only showed in a ARP -a when I explicity Ping'd it.