+ 0 Votes Do you have admin access to router? jemorris 3 years ago Also do you have administrator access to your router/switch? + 0 Votes Identify the "extra" connection in your router. plevin 3 years ago Go into your router's connection list and associate each connection with its respective device. You'll probably be able to identify most of the connections. Turn off at the connection list any wireless connections you can't identify, or unplug any wired ones. You'll find out very quickly who the mystery guest is! + 1 Votes Deny it from DHCP robert_j_dixon Updated - 3 years ago If you are using DHCP, use arp, find the offending machines MAC address, then configure the DHCP server not to give that MAC address an IP address, or one that won't route or similar. Then wait for the scream :-) You might also look-up the MAC to see who made the NIC, to help identify which machine it is. + 0 Votes thanks silvacala 3 years ago I have administrative privileges to the router, and we dont use dhcp, it's not wireless network, it is a wired network. + 0 Votes thanks silvacala 3 years ago I have administrative privileges to the router, and we dont use dhcp, it's not wireless network, it is a wired network. + 0 Votes Firewall? tmcclure 3 years ago If you have a central firewall, you may be able to block internet traffic to and from the offending host. + 1 Votes Block it at the firewall VBJackson 3 years ago If you know the specific IP address, and can add rules to your firewall, then the best option is to add a rule "Deny [IP Address] Outbound ANY" as the first rule ( or however you firewall displays the rules). This will block the user from all internet access. I would also recommend that you log back in to the firewall after a couple of days and make sure the rule is still there, just in case the problem user turns out to be someone that ALSO has access to the firewall. + 2 Votes Look for the mac address in the switch Martin Thor-Kristiansen 3 years ago If the pc i sconnected to a switch you can look for the mac address at the switch to see witch port the mac address is connected to. This way you can find the pc or shutdown the switchport the pc is connected to. + 1 Votes Use an ACL to deny the traffic jwaustin Updated - 2 years ago Create an ACL like 'access-list 43 deny 10.122.12.13' then apply it on the interface that leads to the Internet. Be sure to extend the ACL so it only drops protocols or ports that violate your AUP. Make sure the change is within your authority.