When I go to Network and Sharing Center and click on Show Full Map, the computer issues a random MAC address.
The switch is configured to block unauthorized MAC addresses. Due to this the port is blocked and the user has no access to the network. The MAC coming up in the logs of the switch is different from the actual MAC address.
The drivers are updated.
A Cisco switch is being used without NAC. This issue is there in Windows 7 only; I have checked a Vista machine for this issue and it is working fine. The MAC address which is coming up in the logs is Microsoft's. I checked it on this website: http://www.techzoom.net/lookup/check-mac.en
The network card is an Intel 82566DM-2.
LAN Switch LOG capture details :
Nov 17 11:18:28.011 IST: %PM-4-ERR_DISABLE: psecure-violation error detected on Gi4/14, putting Gi4/14 in err-disable state
Nov 17 11:18:28.015 IST: %PORT_SECURITY-2-PSECURE_VIOLATION: Security violation occurred, caused by MAC address 000d.3adb.8600 on port GigabitEthernet4/14.
Nov 17 11:18:29.011 IST: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet4/14, changed state to down.
- Edited by smjavvey Wednesday, December 02, 2009 3:38 PM mistake
To make the issue clear, please capture a screenshot on where you noticed this issue for our further research:
Capture a screenshot
1) Press the Print Screen key (PrtScn) on your keyboard.
2) Click the "Start" menu, type "mspaint" in the Search Bar and Press Enter.
3) In the Paint program, click the "Edit" menu, click "Paste", click the "File" menu, and click "Save".
4) The "Save As" dialogue box will appear. Type a file name in the "File name:" box, for example: "screenshot".
5) Make sure "JPEG (*.JPG;*.JPEG;*.JPE;*.JFIF)" is selected in the "Save as type" box, click “Desktop” on the left pane and then click "Save".
Please upload the screenshot to Windows Live SkyDrive and share its URL with us.
Nicholas Li - MSFT
I work for an MS Partner company and received this complaint at a customer site. The only details I could collect were the switch log and the screenshot of the LAN card details on the machine. I have uploaded the capture; here is the screenshot.
Thank you for your update and I also appreciate your efforts on gathering the information.
At this time, I just want to know if there are any virtual machines on the network?
Nicholas Li - MSFT
Is this issue related to a bug that I discovered in that Win7 misreads NIC MAC addresses?
As of now I have been able to find the MAC addresses of only two VMs, which are running on Hyper-V. These are not coming up in the switch logs.
MAC addresses of the virtual machines
Just another point: the desktops and the VMs are on two different LANs, with just port 80 allowed on these VMs.
Will update as soon as I get more info.
I experience the same problem and I'm also connected to a Cisco switch which bans me for an unknown MAC. Recent events:
2010-01-05 19:22:27.351642 port-security MAC=00:0D:3A:FD:EA:1B
2010-01-07 01:51:14.527361 port-security MAC=00:0D:3A:E1:C1:14
I have Virtual PC with one virtual machine running Windows XP. But this machine is configured to access the network through NAT, so its MAC (00-03-FF-FE-FF-FF) can't be visible. Thus I'm sure it is some strange Windows 7 bug, probably described by MS as a feature... I would be glad to turn it off.
- Proposed as answer by planchez Wednesday, May 26, 2010 3:00 PM
Sorry, I mis-proposed Grzegorz's answer, I’m new at this.
As far as I know, what you are looking at is a Windows 7 documented behavior.
Take a look at the LLDP in http://download.microsoft.com/download/a/f/7/af7777e5-7dcd-4800-8a0a-b18336565f5b/LLTD-spec.doc
- Proposed as answer by planchez Wednesday, May 26, 2010 3:16 PM
Are you referring to the passage on page 7 which identifies reserved topology discovery addresses 00-0D-3A-D7-F1-40 through 00-0D-3A-FF-FF-FF?
You have a sharp eye, friend. That OUI (MAC) 00-0D-3A-xx-xx-xx is in fact registered to Microsoft Corp.
You also have more patience than me.
So, would you try to solve this problem by turning off the Link-Layer Topology Discovery (Mapper and Responder) and QoS Packet Scheduler services in all adapters' Network Connection Properties dialogs?
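Added example, not part of any post in this thread: a small triage script that pulls the offending MAC out of port-security log lines like the ones quoted above and checks it against the reserved topology discovery range cited from page 7 of the LLTD spec. The function names and the last sample line are assumptions made for illustration.

```python
import re

# Reserved topology discovery range quoted in the thread (LLTD spec, page 7).
LLTD_LOW = 0x000D3AD7F140
LLTD_HIGH = 0x000D3AFFFFFF

# Matches Cisco dotted (000d.3adb.8600), colon and dash notations.
MAC_RE = re.compile(
    r"\b(?:[0-9A-Fa-f]{4}\.){2}[0-9A-Fa-f]{4}\b"
    r"|\b(?:[0-9A-Fa-f]{2}[:-]){5}[0-9A-Fa-f]{2}\b"
)

# The first four lines are copied from the thread; the last is constructed.
SAMPLE = [
    "Nov 17 11:18:28.011 IST: %PM-4-ERR_DISABLE: psecure-violation error detected on Gi4/14, putting Gi4/14 in err-disable state",
    "Nov 17 11:18:28.015 IST: %PORT_SECURITY-2-PSECURE_VIOLATION: Security violation occurred, caused by MAC address 000d.3adb.8600 on port GigabitEthernet4/14.",
    "2010-01-05 19:22:27.351642 port-security MAC=00:0D:3A:FD:EA:1B",
    "2010-01-07 01:51:14.527361 port-security MAC=00:0D:3A:E1:C1:14",
    "2010-01-08 10:00:00.000000 port-security MAC=00:03:FF:FE:FF:FF",  # constructed
]

def mac_to_int(mac):
    """Normalise any of the three notations to a 48-bit integer."""
    digits = re.sub(r"[.:-]", "", mac)
    if len(digits) != 12:
        raise ValueError(f"not a MAC address: {mac!r}")
    return int(digits, 16)

def is_lltd_mapper_mac(mac):
    """True if the address lies inside the reserved LLTD range."""
    return LLTD_LOW <= mac_to_int(mac) <= LLTD_HIGH

def classify(lines):
    """Return (mac, verdict) for each port-security line that names a MAC."""
    results = []
    for line in lines:
        if "PSECURE_VIOLATION" not in line and "port-security" not in line:
            continue  # e.g. the err-disable line carries no MAC
        match = MAC_RE.search(line)
        if match:
            mac = match.group(0)
            # A source MAC can be set by any host, so "lltd-reserved" only
            # explains the violation; it does not authenticate the sender.
            verdict = "lltd-reserved" if is_lltd_mapper_mac(mac) else "investigate"
            results.append((mac, verdict))
    return results

if __name__ == "__main__":
    for mac, verdict in classify(SAMPLE):
        print(f"{mac:20} {verdict}")
```

All three MAC addresses reported in the thread fall inside the reserved range; the constructed line does not.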
I have read the previous response and I still don't quite understand: what is the trigger for LLTD to use/generate the MAC address, with the exception of when the user clicks on "See full map"? I do like to use the file sharing and network discovery functions for my environment, where laptops will be plugged into the switch port.
- Edited by soongwc Thursday, April 04, 2013 2:52 PM