How to get a list of all IP addresses (and ideally device names) on a LAN?
Solution 1
Using nmap to do a sweep of the subnet is one quick and simple way to do this that I've used before, the various options will allow you to do a more detailed inspection also.
Solution 2
If there's a unix box on the network, you could try arp-scan:
$ arp-scan --interface=eth0 192.168.0.0/24
Interface: eth0, datalink type: EN10MB (Ethernet)
Starting arp-scan 1.4 with 256 hosts (http://www.nta-monitor.com/tools/arp-scan/)
192.168.0.1 00:c0:9f:09:b8:db QUANTA COMPUTER, INC.
192.168.0.3 00:02:b3:bb:66:98 Intel Corporation
192.168.0.5 00:02:a5:90:c3:e6 Compaq Computer Corporation
192.168.0.6 00:c0:9f:0b:91:d1 QUANTA COMPUTER, INC.
192.168.0.12 00:02:b3:46:0d:4c Intel Corporation
192.168.0.13 00:02:a5:de:c2:17 Compaq Computer Corporation
192.168.0.87 00:0b:db:b2:fa:60 Dell ESG PCBA Test
192.168.0.90 00:02:b3:06:d7:9b Intel Corporation
192.168.0.105 00:13:72:09:ad:76 Dell Inc.
192.168.0.153 00:10:db:26:4d:52 Juniper Networks, Inc.
192.168.0.191 00:01:e6:57:8b:68 Hewlett-Packard Company
192.168.0.251 00:04:27:6a:5d:a1 Cisco Systems, Inc.
192.168.0.196 00:30:c1:5e:58:7d HEWLETT-PACKARD
13 packets received by filter, 0 packets dropped by kernel
Ending arp-scan: 256 hosts scanned in 3.386 seconds (75.61 hosts/sec). 13
responded
Solution 3
Quick and dirty (on Linux):
$ ping -b 192.168.1.255
$ arp -a
Solution 4
As mentioned nmap (http://nmap.org/) is probably a good, quick and free option. Just be careful with it, there are some very aggressive options that could crash machines.
This command will do a simple ping sweep of the selected subnet and should be completely safe.
nmap -rP 192.168.1.1/24
Obviously, replace with your own network information.
You mentioned that a duplicate IP address was identified. Both machines should have generated a warning screen, which should allow you to identify the machines. If DHCP is used, then another request should have been generated and the problem may have self resolved.
Solution 5
A list of IP addresses on the LAN will be of limited help, as the issue is there are two machines trying to use the same IP address.
I would suggest that you attempt to find the MAC addresses of the two machines that are clashing.
What device logged the IP address conflict? Was it a server, router, etc.? Some platforms (Solaris and BSD) will log the MAC address of the offending host along with the error message. If the IP address in question is within one of your DHCP pools, it's also worth checking your DHCP server's logs for the MAC address it's attempting to assign that IP address to.
Failing that, I would recommend logging on to the default router of the subnet that this problem is occurring on, and monitoring the ARP table. There should be one IP address that flips between multiple MAC addresses; again, those two MAC addresses represent the devices you are interested in.
Once you have the MAC addresses of the two devices, you should be able to tie them to specific switch ports. This question provides more information on how to do that. You can also use an OUI lookup tool to help identify the manufacturer of each device.
Related videos on Youtube
peter
I started programming in high school, making my own versions of popular games (Lunar Lander). I wrote some parts in Assembly Language. I eventually bootstrapped a healthcare startup to $3M revenue. I began my professional career working for consulting firms, then started my own software company and created 17 programs providing speech therapy to stroke survivors . I marketed and sold it worldwide. A few years ago, I fully automated my company so it wouldn’t need my involvement, freeing me for new challenges. I’ve spent my career helping technical and non-technical stakeholders understand each other’s needs. A few years ago, I returned to consulting, sharpening my skills in areas that I most enjoyed as a business owner. As I took classes and read a wide range of books, what particularly resonated was the importance of listening. For example, each sale happens in the prospect’s mind. They know what they want. They’ll tell us if we ask and listen with genuine curiosity. I first learned this selling our software. After I explained what a patient needed, caregivers often asked “how did you know exactly what we need?”. I just smiled, never revealing my secret: I asked curious questions. You told me. I listened. It turns out, that’s helpful in all sales, and all communication. I’ve loved consulting with a variety of businesses, but I miss learning & growing with a team working toward a common purpose. My Resume Portfolio
Updated on September 17, 2022Comments
-
peter over 1 year
Our network gave an error that there was an IP address conflict and I'd like to find what all the device IP addresses are. (I've also had need of that before). (update/clarification:I'm looking for a Windows-based too.)
Any suggestions?
I've read suggestions for various tools (Look@Lan, Angry IP Scanner) and I'm looking for suggestions from people who have used these or other tools.
-
Stevoisiak almost 6 years
-
-
lImbus almost 15 yearsjust tried that out. could it be some hosts do not respond to broadcasts ? or is this a sure thing I misconfigured the subnetmask on them ?
-
Ivan almost 15 yearsNo, some could not be responding (firewall?).
-
jns almost 15 yearsIt is true that many hosts won't respond to broadcasts, but +1 for running arp -a after running nmap. :)
-
jns almost 15 yearsI meant ping, not nmap
-
Kara Marfia almost 15 yearsIf there's a DHCP server trying to assign that IP, there should be a log entry containing the offending MAC address.
-
bk1e almost 15 yearsWith the MAC address, you can also look up the manufacturer of the device or NIC using standards.ieee.org/regauth/oui/index.shtml
-
Murali Suriar almost 15 years@Kara,bk1e: both good points, answer updated accordingly.
-
Déjà vu over 13 yearsVery handy tool.
-
Shaun Luttin over 8 yearsTo set the target of your nmap scan, determine your default gateway by running
ipconfig
from the command prompt. Use it in the target field, e.g. Target:192.168.1.1/24
. Then click scan. -
Craig Tullis almost 8 yearsDefinitely handy, although note that it gives you the manufacturer of the NIC, not the network name of the device.
-
Lucky over 7 yearsRelated answer : serverfault.com/a/30742/199688
-
pseudosavant about 7 yearsFWIW,
arp -a
worked for me on Windows 10 too. -
simpleuser about 6 yearsFor later versions of nmap, the command is: nmap -r -sn 192.168.1.0/24
-
AveryFreeman over 5 yearsAlso available for other platforms, as it is Java. I've been using it on Mac and Linux for years.
-
Admin about 2 years@simpleuser Thanks. I downloaded nmap.org for Windows and ran
nmap -sn -r 192.168.0.0/24
in PowerShell as Admin.