?
Solved

Cisco Catalyst CMS

Posted on 2004-04-26
11
Medium Priority
?
1,322 Views
Last Modified: 2008-03-03
I recently picked up a project halfway through - in looking at the Win2K DHCP server leases at our remote location I saw one client that looked a bit different than the rest - I was not sure what it was so I port scanned it and found 80 was open on it - went to it via a browser and it turns out it is the Cisco 48 port catalyst switch at the location and I can access it and manage it via the CMS web gui - when i try to telnet to it, it tells me that is enabled but no password is set - I have a few issues here:

1.  All of our switches are set up in unmanaged mode, except our GBIC aggregator as it does all the Vlans - since this is a remote site might it be a good idea to leave in managed mode?

2.  Which is recommended - using the CMS or the command line?  I am much more familiar with the command line.

3.  How would I set a password via CMS so I can now telnet to the switch and use command line?

4.  It concerns me that this switch is somehow getting an IP via DHCP - I would prefer it to be static.  How can I tell which port / interface on the switch is getting the IP via DHCP in the CMS?

5.  Is there anything above that I must be on site to do?  As I stated before this is a remote location with no IT staff.
0
Comment
Question by:mrsmileyns
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 4
11 Comments
 
LVL 50

Assisted Solution

by:Don Johnston
Don Johnston earned 500 total points
ID: 10920835
What is the model of the switch?

1. I would allow for remote management since it is a remote site. Otherwise you would need a terminal server to perform any managemnet remotely.

2. Command line. In fact, I usually disable the http server altogether.

3. Depends somewhat on the model of switch. But if it's an IOS platform:

Switch#config term
Switch(config)# line vty 0 4
Switch(config-line)# password <string>
Switch(config-line)# login
Switch(config-line)# end

4. Depending on the model and management VLAN, but assuming an IOS box and VLAN1, then:

Switch#config term
Switch(config)# int VLAN 1
Switch(config-if)# ip address 192.168.1.1 255.255.255.0
Switch(config-if)# end

5. If the telnet (VTY) password is not set, that will have to be set on-site. You could alway walk someone through it over the phone. That's alway exciting! :-)

-Don
0
 

Author Comment

by:mrsmileyns
ID: 10920918
lets say...walking someone through setting the passwd over the phone is not an option - it really isn't in this case - there is no machine there to console in with etc.

so, that leaves me with the cms until i can go to florida  :)  how can i figure out which port is getting the IP dynamic and can i set it static in the cms?  do i want to bother?
0
 
LVL 28

Expert Comment

by:mikebernhardt
ID: 10921020
What level of access do you have when you log into the switch? If you go to "web console" can you get yourself  to level 15 (enable mode)? You'll need to know the enable password, if there is one, and enter it with no user name. If you get into level 15, click on "configure" and then you can type in any command you want and set up a vty password.

I prefer CLI as well. The switches do DHCP by default if you haven't configured an address for them. So it probably got it off the local LAN. I turn off http server on all of our devices because it's just another open port to worry about.

I don't know what you mean by "managed." Do you mean SNMP managed? We manage everything via SNMP. In fact, on a router you can configure it with the snmp write string and a tool called snmpset. But it doesn't work on 3500 switches because they lack the MIBs to do it.
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 28

Expert Comment

by:mikebernhardt
ID: 10921048
Oh... I don't think it matters which port is getting DHCP. The switch will be listening on all ports that are on the same VLAN as its management VLAN (1 by default). Just make it static once you get access.
0
 

Author Comment

by:mrsmileyns
ID: 10921063
ah - when i login as level 15 i can do it - thanks

what i mean is...i have never logged in to the other cisco switches on the network - i don't know the IP's for them - I am not sure if they even have any - they are set up like - "switch hubs"  pardon the term i am using - maybe they are not being used to their full functionality - i didn't set them up
0
 

Author Comment

by:mrsmileyns
ID: 10921109
i am logged into this switch via cms as level 15...but it is not like normal CLI - I am not sure how to set the vty telnet password - any ideas?
0
 

Author Comment

by:mrsmileyns
ID: 10921141
oh...it is a catalyst 3550 48 port
0
 
LVL 28

Accepted Solution

by:
mikebernhardt earned 500 total points
ID: 10921200
Do you have the option to "configure?" I tried this earlier with Explorer on a 3548, they should be about the same. Go to
http://[your switch]/level/15/configure/-/line/vty/0/15

This will configure vty lines 0-15. You should have the whole list of vty line commands.
0
 

Author Comment

by:mrsmileyns
ID: 10921343
ok - i can now log in...but i cannot enable  -  command line states no password set and i can't seem to get one set - never encountered this on routers i have worked with - any ideas?  it's probably easy and i feel like a dope...but oh well
0
 
LVL 28

Expert Comment

by:mikebernhardt
ID: 10921566
Go back to http://[your switch]/level/15/configure and set your enable password from there.
0
 

Author Comment

by:mrsmileyns
ID: 10921616
you are a very nice man - thank you - all set up now with full CLI access  :)  thanks guys
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The Cisco RV042 router is a popular small network interfacing device that is often used as an internet gateway. Network administrators need to get at the management interface to make settings, change passwords, etc. This access is generally done usi…
Tired of waiting for your show or movie to load?  Are buffering issues a constant problem with your internet connection?  Check this article out to see if these simple adjustments are the solution for you.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Suggested Courses

800 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question