Does `arp-scan` not work well in a wifi created by a hotspot?












2















When I use a wifi hotspot, sometimes I can't use sudo arp-scan -l to see other devices (except the hotspot), but sometimes I can see another laptop, but I never see another android phone. (The hotspot is borrowed from a public library, and the first hotspot I have ever used, so I don't know about it but guess its model is Alcatel Mw41 based on its appearance.)



When I use a router, most always I can see the other two devices (sometimes not).



I was wondering if a hotspot works differently, or arp-scan doesn't work sometimes?



Thanks.










share|improve this question

























  • Is the connection encrypted (WPA, WPA2)? If yes, you won't see other devices, unless they broadcast or multicast, because all communication is between each client and the AP.

    – dirkt
    5 hours ago











  • Thanks. Both wifi networks are WPA2. But I can see other devices in the router's wifi, not in the hotspot's wifi.

    – Tim
    1 hour ago


















2















When I use a wifi hotspot, sometimes I can't use sudo arp-scan -l to see other devices (except the hotspot), but sometimes I can see another laptop, but I never see another android phone. (The hotspot is borrowed from a public library, and the first hotspot I have ever used, so I don't know about it but guess its model is Alcatel Mw41 based on its appearance.)



When I use a router, most always I can see the other two devices (sometimes not).



I was wondering if a hotspot works differently, or arp-scan doesn't work sometimes?



Thanks.










share|improve this question

























  • Is the connection encrypted (WPA, WPA2)? If yes, you won't see other devices, unless they broadcast or multicast, because all communication is between each client and the AP.

    – dirkt
    5 hours ago











  • Thanks. Both wifi networks are WPA2. But I can see other devices in the router's wifi, not in the hotspot's wifi.

    – Tim
    1 hour ago
















2












2








2








When I use a wifi hotspot, sometimes I can't use sudo arp-scan -l to see other devices (except the hotspot), but sometimes I can see another laptop, but I never see another android phone. (The hotspot is borrowed from a public library, and the first hotspot I have ever used, so I don't know about it but guess its model is Alcatel Mw41 based on its appearance.)



When I use a router, most always I can see the other two devices (sometimes not).



I was wondering if a hotspot works differently, or arp-scan doesn't work sometimes?



Thanks.










share|improve this question
















When I use a wifi hotspot, sometimes I can't use sudo arp-scan -l to see other devices (except the hotspot), but sometimes I can see another laptop, but I never see another android phone. (The hotspot is borrowed from a public library, and the first hotspot I have ever used, so I don't know about it but guess its model is Alcatel Mw41 based on its appearance.)



When I use a router, most always I can see the other two devices (sometimes not).



I was wondering if a hotspot works differently, or arp-scan doesn't work sometimes?



Thanks.







wifi wifi-hotspot arp






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited 4 hours ago







Tim

















asked 5 hours ago









TimTim

27.6k78264477




27.6k78264477













  • Is the connection encrypted (WPA, WPA2)? If yes, you won't see other devices, unless they broadcast or multicast, because all communication is between each client and the AP.

    – dirkt
    5 hours ago











  • Thanks. Both wifi networks are WPA2. But I can see other devices in the router's wifi, not in the hotspot's wifi.

    – Tim
    1 hour ago





















  • Is the connection encrypted (WPA, WPA2)? If yes, you won't see other devices, unless they broadcast or multicast, because all communication is between each client and the AP.

    – dirkt
    5 hours ago











  • Thanks. Both wifi networks are WPA2. But I can see other devices in the router's wifi, not in the hotspot's wifi.

    – Tim
    1 hour ago



















Is the connection encrypted (WPA, WPA2)? If yes, you won't see other devices, unless they broadcast or multicast, because all communication is between each client and the AP.

– dirkt
5 hours ago





Is the connection encrypted (WPA, WPA2)? If yes, you won't see other devices, unless they broadcast or multicast, because all communication is between each client and the AP.

– dirkt
5 hours ago













Thanks. Both wifi networks are WPA2. But I can see other devices in the router's wifi, not in the hotspot's wifi.

– Tim
1 hour ago







Thanks. Both wifi networks are WPA2. But I can see other devices in the router's wifi, not in the hotspot's wifi.

– Tim
1 hour ago












1 Answer
1






active

oldest

votes


















1














In several implementations of wireless APs either domestic or enterprise, you can choose whether or not you can allow the clients from talking with each other.



If that security measure is enabled, the clients will be only able to talk with the AP/the outside networks, but not with other clients under the same network/AP/controller.



From the top of my head, an examples, OpenWRT, Cisco and Meru allow to configure whether that happens (or not). It is a pretty common technology on several brands.



As an example, From the OpenWRT page



LEDE/OpenWRT — Setting Up Client Isolation




Client Isolation is a security feature that prevents wireless clients
on that network from interacting with each other, which can be enabled
on networks in AP mode.




In Enterprise Cisco parlance, it is know as "Peer-to-Peer Blocking"



From Cisco Wireless LAN Controller Configuration Guide




Peer-to-peer blocking is applied to individual WLANs, and each client
inherits the peer-to-peer blocking setting of the WLAN to which it is
associated. Peer-to-Peer enables you to have more control over how
traffic is directed. For example, you can choose to have traffic
bridged locally within the controller, dropped by the controller, or
forwarded to the upstream VLAN.



Peer-to-peer blocking is supported for clients that are associated
with the local switching WLAN.




Also, I could found some vague references the Alcatel family of models the OP/@Tim is mentioning calling it "Denying inter user traffic"



PS. I have enabled client isolation in my OpenWRT at home. Back in my former job, we also enabled this "feature" in wide-area campus network of Meru aka Fortinet APs.






share|improve this answer

























    Your Answer








    StackExchange.ready(function() {
    var channelOptions = {
    tags: "".split(" "),
    id: "106"
    };
    initTagRenderer("".split(" "), "".split(" "), channelOptions);

    StackExchange.using("externalEditor", function() {
    // Have to fire editor after snippets, if snippets enabled
    if (StackExchange.settings.snippets.snippetsEnabled) {
    StackExchange.using("snippets", function() {
    createEditor();
    });
    }
    else {
    createEditor();
    }
    });

    function createEditor() {
    StackExchange.prepareEditor({
    heartbeatType: 'answer',
    autoActivateHeartbeat: false,
    convertImagesToLinks: false,
    noModals: true,
    showLowRepImageUploadWarning: true,
    reputationToPostImages: null,
    bindNavPrevention: true,
    postfix: "",
    imageUploader: {
    brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
    contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
    allowUrls: true
    },
    onDemand: true,
    discardSelector: ".discard-answer"
    ,immediatelyShowMarkdownHelp:true
    });


    }
    });














    draft saved

    draft discarded


















    StackExchange.ready(
    function () {
    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f505523%2fdoes-arp-scan-not-work-well-in-a-wifi-created-by-a-hotspot%23new-answer', 'question_page');
    }
    );

    Post as a guest















    Required, but never shown

























    1 Answer
    1






    active

    oldest

    votes








    1 Answer
    1






    active

    oldest

    votes









    active

    oldest

    votes






    active

    oldest

    votes









    1














    In several implementations of wireless APs either domestic or enterprise, you can choose whether or not you can allow the clients from talking with each other.



    If that security measure is enabled, the clients will be only able to talk with the AP/the outside networks, but not with other clients under the same network/AP/controller.



    From the top of my head, an examples, OpenWRT, Cisco and Meru allow to configure whether that happens (or not). It is a pretty common technology on several brands.



    As an example, From the OpenWRT page



    LEDE/OpenWRT — Setting Up Client Isolation




    Client Isolation is a security feature that prevents wireless clients
    on that network from interacting with each other, which can be enabled
    on networks in AP mode.




    In Enterprise Cisco parlance, it is know as "Peer-to-Peer Blocking"



    From Cisco Wireless LAN Controller Configuration Guide




    Peer-to-peer blocking is applied to individual WLANs, and each client
    inherits the peer-to-peer blocking setting of the WLAN to which it is
    associated. Peer-to-Peer enables you to have more control over how
    traffic is directed. For example, you can choose to have traffic
    bridged locally within the controller, dropped by the controller, or
    forwarded to the upstream VLAN.



    Peer-to-peer blocking is supported for clients that are associated
    with the local switching WLAN.




    Also, I could found some vague references the Alcatel family of models the OP/@Tim is mentioning calling it "Denying inter user traffic"



    PS. I have enabled client isolation in my OpenWRT at home. Back in my former job, we also enabled this "feature" in wide-area campus network of Meru aka Fortinet APs.






    share|improve this answer






























      1














      In several implementations of wireless APs either domestic or enterprise, you can choose whether or not you can allow the clients from talking with each other.



      If that security measure is enabled, the clients will be only able to talk with the AP/the outside networks, but not with other clients under the same network/AP/controller.



      From the top of my head, an examples, OpenWRT, Cisco and Meru allow to configure whether that happens (or not). It is a pretty common technology on several brands.



      As an example, From the OpenWRT page



      LEDE/OpenWRT — Setting Up Client Isolation




      Client Isolation is a security feature that prevents wireless clients
      on that network from interacting with each other, which can be enabled
      on networks in AP mode.




      In Enterprise Cisco parlance, it is know as "Peer-to-Peer Blocking"



      From Cisco Wireless LAN Controller Configuration Guide




      Peer-to-peer blocking is applied to individual WLANs, and each client
      inherits the peer-to-peer blocking setting of the WLAN to which it is
      associated. Peer-to-Peer enables you to have more control over how
      traffic is directed. For example, you can choose to have traffic
      bridged locally within the controller, dropped by the controller, or
      forwarded to the upstream VLAN.



      Peer-to-peer blocking is supported for clients that are associated
      with the local switching WLAN.




      Also, I could found some vague references the Alcatel family of models the OP/@Tim is mentioning calling it "Denying inter user traffic"



      PS. I have enabled client isolation in my OpenWRT at home. Back in my former job, we also enabled this "feature" in wide-area campus network of Meru aka Fortinet APs.






      share|improve this answer




























        1












        1








        1







        In several implementations of wireless APs either domestic or enterprise, you can choose whether or not you can allow the clients from talking with each other.



        If that security measure is enabled, the clients will be only able to talk with the AP/the outside networks, but not with other clients under the same network/AP/controller.



        From the top of my head, an examples, OpenWRT, Cisco and Meru allow to configure whether that happens (or not). It is a pretty common technology on several brands.



        As an example, From the OpenWRT page



        LEDE/OpenWRT — Setting Up Client Isolation




        Client Isolation is a security feature that prevents wireless clients
        on that network from interacting with each other, which can be enabled
        on networks in AP mode.




        In Enterprise Cisco parlance, it is know as "Peer-to-Peer Blocking"



        From Cisco Wireless LAN Controller Configuration Guide




        Peer-to-peer blocking is applied to individual WLANs, and each client
        inherits the peer-to-peer blocking setting of the WLAN to which it is
        associated. Peer-to-Peer enables you to have more control over how
        traffic is directed. For example, you can choose to have traffic
        bridged locally within the controller, dropped by the controller, or
        forwarded to the upstream VLAN.



        Peer-to-peer blocking is supported for clients that are associated
        with the local switching WLAN.




        Also, I could found some vague references the Alcatel family of models the OP/@Tim is mentioning calling it "Denying inter user traffic"



        PS. I have enabled client isolation in my OpenWRT at home. Back in my former job, we also enabled this "feature" in wide-area campus network of Meru aka Fortinet APs.






        share|improve this answer















        In several implementations of wireless APs either domestic or enterprise, you can choose whether or not you can allow the clients from talking with each other.



        If that security measure is enabled, the clients will be only able to talk with the AP/the outside networks, but not with other clients under the same network/AP/controller.



        From the top of my head, an examples, OpenWRT, Cisco and Meru allow to configure whether that happens (or not). It is a pretty common technology on several brands.



        As an example, From the OpenWRT page



        LEDE/OpenWRT — Setting Up Client Isolation




        Client Isolation is a security feature that prevents wireless clients
        on that network from interacting with each other, which can be enabled
        on networks in AP mode.




        In Enterprise Cisco parlance, it is know as "Peer-to-Peer Blocking"



        From Cisco Wireless LAN Controller Configuration Guide




        Peer-to-peer blocking is applied to individual WLANs, and each client
        inherits the peer-to-peer blocking setting of the WLAN to which it is
        associated. Peer-to-Peer enables you to have more control over how
        traffic is directed. For example, you can choose to have traffic
        bridged locally within the controller, dropped by the controller, or
        forwarded to the upstream VLAN.



        Peer-to-peer blocking is supported for clients that are associated
        with the local switching WLAN.




        Also, I could found some vague references the Alcatel family of models the OP/@Tim is mentioning calling it "Denying inter user traffic"



        PS. I have enabled client isolation in my OpenWRT at home. Back in my former job, we also enabled this "feature" in wide-area campus network of Meru aka Fortinet APs.







        share|improve this answer














        share|improve this answer



        share|improve this answer








        edited 4 hours ago

























        answered 4 hours ago









        Rui F RibeiroRui F Ribeiro

        41.4k1481140




        41.4k1481140






























            draft saved

            draft discarded




















































            Thanks for contributing an answer to Unix & Linux Stack Exchange!


            • Please be sure to answer the question. Provide details and share your research!

            But avoid



            • Asking for help, clarification, or responding to other answers.

            • Making statements based on opinion; back them up with references or personal experience.


            To learn more, see our tips on writing great answers.




            draft saved


            draft discarded














            StackExchange.ready(
            function () {
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f505523%2fdoes-arp-scan-not-work-well-in-a-wifi-created-by-a-hotspot%23new-answer', 'question_page');
            }
            );

            Post as a guest















            Required, but never shown





















































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown

































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown







            Popular posts from this blog

            CARDNET

            Boot-repair Failure: Unable to locate package grub-common:i386

            濃尾地震