How to see all IP addresses on network: A guide for IT professionals

 Published by Sascha Neumeier
Last updated on September 05, 2025 • 23 minute read

It's one of those moments when you have to find a particular device on your network but have no idea what IP address to use to reach it. Or maybe you are troubleshooting connectivity issues and want to see what devices are online (and which are not). Or just want to know who is connected to your home Wi-Fi…for whatever reason, being able to see all IP addresses on a network is a useful skill to have in IT (and even for home users).

IP addresses are the "mailing addresses" of the internet. Packets need to know where to go or they'll just get lost. But, unlike snail-mail envelopes, IP addresses are not usually visible "outside" of devices, making them effectively invisible until you know how to uncover them.

In this guide, I'll cover everything you need to know about finding all IP addresses on a network. From command line methods to advanced network scanning tools, I'll show you step-by-step techniques to uncover all IP addresses in any situation - whether you are working with Windows, macOS, Linux, or even larger enterprise networks.

how to see all ip addresses on network a guide for it professionals

Understanding the basics: IP addresses, subnets, and ARP

Before we jump into how to find all IP addresses on a network, let's quickly recap some networking basics that will help you understand the different methods you can use to do so.

An IP address is a logical address that uniquely identifies a device on a network. IPv4 addresses (like 192.168.1.100) are the most common, but IPv6 addresses (such as fe80::192.168.1.100) are slowly gaining adoption as well. These IP addresses are typically assigned by a DHCP server on your network (generally the router) and the DHCP server will keep track of which IP addresses have been assigned to which devices.

A subnet (short for "subnetwork") is a network identified by a subnet mask. Subnets break up larger networks into smaller pieces. The most common subnet mask for home and office networks is 255.255.255.0. The subnet mask determines how many of the bits in an IP address are for the network identifier and how many bits are for the host identifier.

The Address Resolution Protocol (ARP) is a networking protocol that helps in IP discovery. ARP maps an IP address to a MAC address (a physical hardware address unique to a device's network interface). All computers and servers keep an ARP table in memory of IP-to-MAC mappings for all devices they have recently communicated with.

Finding all IP addresses on a network

Ok, now that we understand the basic building blocks of networking, let's start uncovering those hidden IP addresses. There are several methods and tools we can use depending on your situation and environment.

Windows methods: From basic to advanced

Windows has a number of built-in tools for IP discovery, from simple Command Prompt commands to more advanced scripting options.

Using Command Prompt

The easiest way is to use the built-in Command Prompt:

  1. Press Win+R, type cmd, and press Enter to open Command Prompt
  2. Type ipconfig and press Enter to see your own IP address, subnet mask, and default gateway (router)
  3. To see other devices on the network that your computer has ever communicated with, type arp -a and press Enter

This arp -a command will show you the ARP table that contains a list of IP addresses and their resolved MAC addresses (you can find out more about ARP and its table on my other networking blog post). But your ARP table only contains devices that your computer has already talked to directly and is actively using. To see all devices (or at least most of them) on your local subnet, you can first ping your subnet broadcast address, which will wake up all devices and make them "talk to you":

for /L %i in (1,1,254) do ping -n 1 -w 100 192.168.1.%i

Copy and paste the above command into your Command Prompt window, hitting Enter at the end, and it will silently ping all addresses in your subnet one after the other. After running this "ping sweep", run arp -a again and you should see a much longer list of devices.

Using PowerShell

Windows PowerShell is another powerful option with great networking capabilities:

  1. Press Win+X and select "Windows PowerShell" or "Windows PowerShell (Admin)" to open it
  2. To see your network configuration, type Get-NetIPConfiguration and press Enter
  3. To actually scan for IP addresses, you can use:
1..254 | ForEach-Object { 
$ip = "192.168.1.$_" 
$ping = New-Object System.Net.NetworkInformation.Ping 
$result = $ping.Send($ip, 100) 
if ($result.Status -eq "Success") { $ip } 
}

Replace "192.168.1" with your actual network prefix, and this PowerShell script will ping every single IP address and output the ones that respond to the screen.

Using GUI tools in Windows

If you are a more graphical person, Windows also has some GUI tools:

  1. Network and Sharing Center: This is the most obvious place to check your own IP settings. You can get there from Control Panel, or by right-clicking the network icon in the system tray. Click on your current network connection, then "Details" to see your IP configuration (IPv4 and IPv6 if applicable).
  2. Resource Monitor: Press Win+R, type resmon, and go to the "Network" tab. Here, you can see all your active network connections in the "TCP Connections" section.

Of course, if you want to be more comprehensive, there are also free third-party tools like Advanced IP Scanner or Angry IP Scanner. These Windows applications have pretty intuitive user interfaces (as well as command-line versions). They not only help you see all IPs on a network, but also resolve hostnames, show MAC addresses, list open ports, perform ping sweeps, and export results to CSV, among other features.

macOS and Linux methods: Command-line power

macOS and Linux-based operating systems like Ubuntu provide some of the most powerful built-in command-line tools for network discovery.

macOS IP discovery

To find out IP addresses on a Mac:

  1. Open Terminal
  2. Type ifconfig or ip addr and press Enter to see your own IP configuration
  3. Type arp -a and press Enter to see your ARP table
  4. To wake up devices and make them appear in your ARP table, you can ping your subnet broadcast address: ping -c 1 192.168.1.255 (replace this with your actual broadcast address)
  5. For a more thorough scan of all devices on your subnet, you will first need to install nmap (a powerful network scanner) with Homebrew, a package manager: brew install nmap
  6. Once nmap is installed, you can run nmap -sn 192.168.1.0/24 to scan your subnet for all active devices

Linux/Ubuntu IP discovery

On Linux systems, most of the commands are very similar:

  1. Open Terminal
  2. Type ifconfig or ip addr to see your own IP configuration
  3. Type ip neigh or arp -a to see your ARP table
  4. netstat -r will show your routing table, useful for seeing your subnet, etc.

You can also use nmap for scanning. First, install nmap with sudo apt-get install nmap then scan your subnet for all active devices with: sudo nmap -sn 192.168.1.0/24

You can combine these commands with grep to help filter results:

nmap -sn 192.168.1.0/24 | grep -B 1 "MAC Address"

This command will find all active devices and show their corresponding IP and MAC addresses.


Network scanning tools: Beyond the basics

Command-line tools are great, but if you want something more feature-rich and user-friendly for more comprehensive network discovery, dedicated network scanning tools are a better option.

Nmap: The network mapper

Nmap (Network Mapper) is the de-facto standard for network scanning and is available for Windows, macOS, and Linux. It is extremely powerful, but has a steeper learning curve. It can do everything from basic host discovery to operating system and service detection:

  • Host discovery: nmap -sn 192.168.1.0/24
  • OS detection: nmap -O 192.168.1.0/24
  • Service/port scanning: nmap -sV 192.168.1.0/24
  • Output to files in various formats (XML, CSV, etc.)

For example, to find all devices and their hostnames on your network, you can use:

nmap -sn --dns-servers 192.168.1.1 192.168.1.0/24

Replace 192.168.1.1 with your DNS server IP address (usually the router).

Angry IP Scanner

If you prefer a more user-friendly option, Angry IP Scanner is a fast and cross-platform tool with a very simple GUI. Here's how to use it:

  1. Enter the range of IP addresses you want to scan (e.g. 192.168.1.1-192.168.1.254)
  2. Check the details you want to gather from each IP address (hostname, MAC address, etc.)
  3. Click "Start" to begin the scan
  4. Export the results to CSV (or other formats) for record-keeping/documentation

Advanced IP Scanner

Advanced IP Scanner is similar but provides more features and requires Windows:

  • Remote access to shared folders and network resources
  • Remote control of computers using RDP and Radmin
  • MAC address vendor lookup (hardware manufacturer)
  • HTTP/HTTPS/FTP detection and even resource listing

Router-based methods: The central hub

Your router is the central device that manages all network connections, and will typically also have a list of all devices connected to the network.

Accessing your router

  1. Find your router's IP address (usually the default gateway printed on the device, or reported by ipconfig or ifconfig)
  2. Open a web browser and enter the router IP address (e.g. http://192.168.1.1)
  3. Log in using your router admin credentials
  4. Look for sections like "Connected Devices", "DHCP Clients", "Client List", or something similar

Routers usually have a table with:

  • Device names (hostnames)
  • IP addresses (both active and DHCP reserved)
  • MAC addresses
  • Connection type (wired/Wi-Fi)
  • DHCP lease times (lease duration/due date)

This is very convenient for home networks as most network management functions are handled by the router, so all this information is typically available in one place.

Enterprise IP address management

In larger networks with more staff involved in networking, more sophisticated methods for IP address management (IPAM) are necessary.

DHCP server logs

If you are running your own DHCP server:

  1. Access the DHCP server console
  2. Check the list of active leases in the DHCP management interface
  3. You can usually export this list in some formats for documentation

DNS records

DNS servers also have records that map hostnames to IP addresses:

  1. If you have Windows Server, open the DNS Manager
  2. On Linux servers, you can look at the zone files or use dig or host commands
  3. Find A records (IPv4) or AAAA records (IPv6)

Network monitoring tools for IP management

There are a number of enterprise-grade network monitoring tools that have built-in IP address monitoring features, such as PRTG Network Monitor. These have a lot more advanced functionality than just finding all IP addresses, such as:

  • Automatic discovery of all network devices and alerting when new devices are found
  • Real-time monitoring in your address space
  • Alerts when conflicting IP addresses are detected

As an example of PRTG's IP address monitoring features, in addition to automatically discovering all devices on your network, PRTG can do all of the above and more. This is because PRTG's IP address monitoring features are designed for more than just discovery – it is also continuously monitoring all the addresses in your IP address space to proactively alert you to any changes or problems before they can become larger issues.

Troubleshooting with IP discovery

The reason why you would really want to be able to see all IP addresses on a network is when you are troubleshooting specific issues like:

IP address conflicts

Occasionally, two devices on a network can be assigned the same IP address and bad things can happen. Detection involves looking for duplicate IP warnings in system logs, arp -aing for duplicate IP addresses with different MACs, and of course using a network scanner.

Rogue DHCP servers

Unauthorized DHCP servers on a network cause severe network disruption and can take a while to track down and fix. Detection involves Nmap scanning for DHCP servers (sudo nmap --script broadcast-dhcp-discover -e eth0), then comparing to the list of authorized DHCP servers (usually just one). Anything else you find should be further investigated.

Unauthorized devices

Unauthorized devices can cause a range of issues from security concerns to consuming network resources. Regular network scans can help identify new, unexpected devices appearing on the network. Once you have a baseline of approved devices and their MAC addresses, you can use a scheduled scanning process to help detect new devices. MAC addresses of new devices can then be looked up against vendor databases to try and determine what kind of device is connecting to the network.

Automating IP address discovery

In many cases, you won't want to do these network scans manually, but rather automate them. Scripting/programming is usually required, for example:

Scheduled scans with scripting

A simple bash script running in cron on Linux would look something like this:

#!/bin/bash 
#Linux example 
date >> /var/log/network_scan.log 
nmap -sn 192.168.1.0/24 >> /var/log/network_scan.log

This script would be scheduled to run in cron and append to a log file the results of a network scan. On Windows, you can do the same with PowerShell and Task Scheduler.


FAQ: Not-so-standard questions about IP discovery

Q: How can I determine if an IP address belongs to a physical or virtual machine?

A: This is much harder than just IP address discovery, but there are some things you can do to try and figure this out:

  1. MAC address analysis: Virtual machines often use MAC addresses with OUIs that belong to vendors that make virtualization software/hardware (the first half of a MAC address is the OUI which identifies the vendor)
  2. TTL analysis: You can usually distinguish between physical and virtual machines based on TTL (Time-To-Live) values in ping responses
  3. Port scanning: Virtual machines often have different open ports and may respond differently to certain port scans

One simple approach is to use Nmap with its operating system detection, e.g. : nmap -O 192.168.1.100 would give you some hints about this machine.

Q: How do I find devices that intentionally don't respond to pings?

A: Some devices are specifically configured to ignore ICMP ping requests for security reasons, so you can't simply ping-sweep the network to find them. However, you can:

  1. ARP scan rather than ICMP ping: nmap -sn -PR 192.168.1.0/24
  2. TCP scanning on common ports instead: nmap -sT -p 80,443,22,3389 192.168.1.0/24
  3. Check your router's "Connected Devices" list as this does not depend on devices responding
  4. Monitor network traffic to see devices that are not responding to pings but are actively communicating on the network

Q: Can I determine what types of devices are on my network just from an IP scan?

A: Basic IP scanning just shows you all the active IP addresses, but you can gather more information using other methods:

  1. MAC address vendor lookup (first half of MAC is OUI/vendor code)
  2. Port scanning and service detection (scan commonly used ports)
  3. DNS names often provide hints as to device type (printer, security-camera, etc.)
  4. TTL values in ping responses can also help suggest operating system

PRTG Network Monitor will automatically identify and classify a wide variety of device types based on these and other factors.

Bringing it all together: Comprehensive network visibility

Ok, so now you know how to see all IP addresses on a network using command line tools and various applications. But, the value doesn't come from just this step of discovery in and of itself, but from all the knowledge you gain from understanding and mapping out your entire network.

In many cases, for home users or small businesses, a periodic scan using the built-in tools or free applications like Angry IP Scanner are sufficient. This is especially true if you are only manually troubleshooting specific problems.

But, in many cases, particularly as your network scales up, the stakes are much higher. Network problems cause major productivity issues, lost revenue, and security risks in these environments. That's why more comprehensive solutions are required, and a tool like PRTG Network Monitor really shines.

PRTG provides automatic, continuous visibility into your entire network. In addition to providing IP address monitoring as one of the basic building blocks, PRTG goes further to do the following:

  • Automatic network discovery
  • Continuous monitoring of device availability and uptime
  • Performance monitoring of all network devices/services
  • Security monitoring with alerting of unauthorized devices
  • Historical data for troubleshooting, capacity planning, trend analysis
  • Customizable alerts and reports

PRTG Network Monitor provides much more than just IP address monitoring, but it's a critical part of your full network monitoring and management solution.

Ready to see what else you can do with PRTG? Try PRTG free for 30 days and experience how continuous network monitoring can revolutionize your network management.