Cisco Catalyst CMS

I recently picked up a project halfway through - in looking at the Win2K DHCP server leases at our remote location I saw one client that looked a bit different than the rest - I was not sure what it was so I port scanned it and found 80 was open on it - went to it via a browser and it turns out it is the Cisco 48 port catalyst switch at the location and I can access it and manage it via the CMS web gui - when i try to telnet to it, it tells me that is enabled but no password is set - I have a few issues here:

1.  All of our switches are set up in unmanaged mode, except our GBIC aggregator as it does all the Vlans - since this is a remote site might it be a good idea to leave in managed mode?

2.  Which is recommended - using the CMS or the command line?  I am much more familiar with the command line.

3.  How would I set a password via CMS so I can now telnet to the switch and use command line?

4.  It concerns me that this switch is somehow getting an IP via DHCP - I would prefer it to be static.  How can I tell which port / interface on the switch is getting the IP via DHCP in the CMS?

5.  Is there anything above that I must be on site to do?  As I stated before this is a remote location with no IT staff.
mrsmileynsAsked:
Who is Participating?
 
mikebernhardtConnect With a Mentor Commented:
Do you have the option to "configure?" I tried this earlier with Explorer on a 3548, they should be about the same. Go to
http://[your switch]/level/15/configure/-/line/vty/0/15

This will configure vty lines 0-15. You should have the whole list of vty line commands.
0
 
Don JohnstonConnect With a Mentor InstructorCommented:
What is the model of the switch?

1. I would allow for remote management since it is a remote site. Otherwise you would need a terminal server to perform any managemnet remotely.

2. Command line. In fact, I usually disable the http server altogether.

3. Depends somewhat on the model of switch. But if it's an IOS platform:

Switch#config term
Switch(config)# line vty 0 4
Switch(config-line)# password <string>
Switch(config-line)# login
Switch(config-line)# end

4. Depending on the model and management VLAN, but assuming an IOS box and VLAN1, then:

Switch#config term
Switch(config)# int VLAN 1
Switch(config-if)# ip address 192.168.1.1 255.255.255.0
Switch(config-if)# end

5. If the telnet (VTY) password is not set, that will have to be set on-site. You could alway walk someone through it over the phone. That's alway exciting! :-)

-Don
0
 
mrsmileynsAuthor Commented:
lets say...walking someone through setting the passwd over the phone is not an option - it really isn't in this case - there is no machine there to console in with etc.

so, that leaves me with the cms until i can go to florida  :)  how can i figure out which port is getting the IP dynamic and can i set it static in the cms?  do i want to bother?
0
Cloud Class® Course: Amazon Web Services - Basic

Are you thinking about creating an Amazon Web Services account for your business? Not sure where to start? In this course you’ll get an overview of the history of AWS and take a tour of their user interface.

 
mikebernhardtCommented:
What level of access do you have when you log into the switch? If you go to "web console" can you get yourself  to level 15 (enable mode)? You'll need to know the enable password, if there is one, and enter it with no user name. If you get into level 15, click on "configure" and then you can type in any command you want and set up a vty password.

I prefer CLI as well. The switches do DHCP by default if you haven't configured an address for them. So it probably got it off the local LAN. I turn off http server on all of our devices because it's just another open port to worry about.

I don't know what you mean by "managed." Do you mean SNMP managed? We manage everything via SNMP. In fact, on a router you can configure it with the snmp write string and a tool called snmpset. But it doesn't work on 3500 switches because they lack the MIBs to do it.
0
 
mikebernhardtCommented:
Oh... I don't think it matters which port is getting DHCP. The switch will be listening on all ports that are on the same VLAN as its management VLAN (1 by default). Just make it static once you get access.
0
 
mrsmileynsAuthor Commented:
ah - when i login as level 15 i can do it - thanks

what i mean is...i have never logged in to the other cisco switches on the network - i don't know the IP's for them - I am not sure if they even have any - they are set up like - "switch hubs"  pardon the term i am using - maybe they are not being used to their full functionality - i didn't set them up
0
 
mrsmileynsAuthor Commented:
i am logged into this switch via cms as level 15...but it is not like normal CLI - I am not sure how to set the vty telnet password - any ideas?
0
 
mrsmileynsAuthor Commented:
oh...it is a catalyst 3550 48 port
0
 
mrsmileynsAuthor Commented:
ok - i can now log in...but i cannot enable  -  command line states no password set and i can't seem to get one set - never encountered this on routers i have worked with - any ideas?  it's probably easy and i feel like a dope...but oh well
0
 
mikebernhardtCommented:
Go back to http://[your switch]/level/15/configure and set your enable password from there.
0
 
mrsmileynsAuthor Commented:
you are a very nice man - thank you - all set up now with full CLI access  :)  thanks guys
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.