Method and system for detecting use of wrong internet protocol address

What is claimed is: 1 . A non-transitory computer readable medium comprising instructions which, when executed by one or more hardware processors, causes performance of operation comprising: maintaining a range of valid IP addresses for a particular IP subnet; receiving a message from a first wireless client device by an access point on the particular IP subnet; determining a source IP address in the message received on the particular IP subnet; determining that the source IP address does not match the range of valid IP addresses for the particular IP subnet; responsive at least to determining that the source IP address does not match the range of valid IP addresses for the particular IP subnet: transmitting at least one message that causes the first wireless client device to request a new IP address. 2 . The medium of claim 1 , wherein maintaining the range of valid IP addresses comprises: snooping a DHCP message transmitted to a second wireless client device on the particular IP subnet; based on the DHCP message identifying the range of valid IP addresses on the particular IP subnet. 3 . The medium of claim 2 , wherein identifying the range of valid IP addresses on the particular IP subnet in the DHCP message comprises: determining a subnet mask, corresponding to the particular IP subnet, indicated in the DHCP message and identifying the range of valid IP addresses on the particular IP subnet based on the subnet mask. 4 . The medium of claim 3 , wherein receiving the message from the first wireless client device is performed subsequent to the first wireless client device being assigned the source IP address while on a second IP subnet and roaming from the second IP subnet to the particular IP subnet. 5 . The medium of claim 2 , wherein the DHCP message is a DHCP acknowledgement message. 6 . The medium of claim 2 , wherein the DHCP message is a DHCP offer message. 7 . The medium of claim 1 , wherein the range of valid IP addresses for the particular IP subnet is determined by snooping one or more messages on the particular IP subnet. 8 . The medium of claim 1 , wherein the range of valid IP addresses for the particular IP subnet is determined based on a configuration stored at a network device on the particular IP subnet. 9 . The medium of claim 1 , wherein the range of valid IP addresses for the particular IP subnet is determined by snooping a route advertisement message. 10 . The medium of claim 1 , wherein the at least one message comprises a De-Association message and a De-Authentication message. 11 . The medium of claim 1 , wherein the at least one message comprises a De-Association message sent to the wireless client device. 12 . The medium of claim 1 , wherein the at least one message comprises a De-Authentication message. 13 . The medium of claim 12 , wherein the de-authentication message is transmitted to a second network device storing authentication information corresponding to the wireless client device. 14 . A system comprising: at least one device including a hardware processor; the system being configured to perform operations comprising: maintaining a range of valid IP addresses for a particular IP subnet; receiving a message from a first wireless client device by an access point on the particular IP subnet; determining a source IP address in the message received on the particular IP subnet; determining that the source IP address does not match the range of valid IP addresses for the particular IP subnet; responsive at least to determining that the source IP address does not match the range of valid IP addresses for the particular IP subnet: transmitting at least one message that causes the first wireless client device to request a new IP address. 15 . The system of claim 14 , wherein maintaining the range of valid IP addresses comprises: snooping a DHCP message transmitted to a second wireless client device on the particular IP subnet; based on the DHCP message identifying the range of valid IP addresses on the particular IP subnet. 16 . The system of claim 15 , wherein identifying the range of valid IP addresses on the particular IP subnet in the DHCP message comprises: determining a subnet mask, corresponding to the particular IP subnet, indicated in the DHCP message and identifying the range of valid IP addresses on the particular IP subnet based on the subnet mask. 17 . The system of claim 16 , wherein receiving the message from the first wireless client device is performed subsequent to the first wireless client device being assigned the source IP address while on a second IP subnet and roaming from the second IP subnet to the particular IP subnet. 18 . The system of claim 15 , wherein the DHCP message comprises one of a DHCP acknowledgement message and a DHCP offer message. 19 . The system of claim 14 , wherein the range of valid IP addresses for the particular IP subnet is determined either (a) by snooping one or more messages on the particular IP subnet, or (b) by snooping a route advertisement message, or (c) based on a configuration stored at a network device on the particular IP subnet. 20 . The system of claim 14 , wherein the at least one message comprises a De-Association message and/or a De-Authentication message.