Solved

how do I get an understanding of a network I didn't build?

Posted on 2005-04-13
Last Modified: 2010-03-18
Please forgive the novice question, but I know very little about networking.  I am volunteering for our local public library, and I have been tasked with adding wireless capability to their current network.  I have a feeling for how I will do this (with Cisco 1100s), but I need a better understanding of their existing network.  They have a Cisco 1720 router, Catalyst 2900 XL switch, and a Dell server running Windows Server 2003 and IIS.  I have no idea what IPs have been assigned to either the router or the switch, so I can't see 'inside' them to aid in my task.  I want to find out if there are VPNs defined in the switch, and if so, what they are.  I understand there is a console interface to the switch, but I do not have a cable to connect to it.  I also understand that there is a web interface to the switch, but I have to know the IP address of it, which I don't.  Unfortunately, the person who set up the network originally is no longer available, and he/she left very little documentation.  I know that the server is at 10.0.0.2.  I could not browse to 10.0.0.1, or 0.

So my question is, is there a utility that will help me draw a topology of my network, telling me what IP addresses are assigned to which boxes, etc.?  What's the best way for a novice to get a good handle on this configuration?

Thanks in advance for your help,
Mark
0
Question by:mmichrin
14 Comments
 
LVL 11

Assisted Solution

by:-Leo-
-Leo- earned 1000 total points
ID: 13778924
Well, you can use any network scanner for this, but to draw the LAN topology I would suggest you use WhatsUp Gold - look at their website: www.ipswitch.com. It will draw all your network devices with IP addresses and so on ...

But to access your switch and router you will need passwords; if you don't have them, follow the password recovery procedures:

For the 1720 router: http://www.cisco.com/warp/public/474/pswdrec_1700.shtml

For 2900XL switch: http://www.cisco.com/en/US/products/hw/switches/ps628/products_password_recovery09186a0080094184.shtml

Be very careful, as you can lose all configuration!
0
 
LVL 40

Expert Comment

by:Fatal_Exception
ID: 13781019
Yea, you have walked into a hornet's nest here.  Make the wrong move and your entire network will come down around you.  Before doing any password recovery, plan ahead, perhaps for a time in the future when the building will be closed for a day or two.

I use Languard Security Scanner when I first enter a Network to get an idea of the network Addressing..  Free 30 day eval at this location (the full version which is nice):  

http://www.gfi.com/downloads/downloads.aspx?pid=LANSS&lid=en

There are three basic ways to get into a Cisco Device.  1:  Console Session   2:  Telnet  3:  Web Based (if available)

Telnet is my preference, but the vty login must be enabled.  If you try the Console, be sure you have the correct cable.  This is a Rollover Cable (not a straight-thru) where the 8 wires are rolled to the terminating RJ45 ends, and it connects to a DB9 adapter to the COM port on your system.  You will use an Emulator program to access the device, such as the Windows HyperTerminal.  There are plenty of links out there for how to configure it for access.

As Leo mentions though, if you lose the Startup Config (which is located in NVRAM), you will be setting these devices up from scratch.  Meaning all your Access Lists, Interface Configs, etc., will need to be reconfigured.  I have seen even good Cisco Techs take days to do this.  I would suggest you get a consultant in there to help you on the project, and at the minimum, back up the configs to a TFTP server so you won't lose them...

Best of luck!

FE
0
 

Author Comment

by:mmichrin
ID: 13781056
Thanks for your help!

Both of these procedures require the console cable...guess I'll have to work that out.

How can I tell if passwords were ever assigned?  The equipment is in a locked room, so I doubt they were ever set.  These passwords are for the console interface only, correct?  Or will the password limit access to the web interface if I can ever get that to work?

WhatsUp is expensive (too expensive for our little library).  Any good open source tools?  What is Cisco's Netflow (does it apply here)?
0
 
LVL 11

Expert Comment

by:-Leo-
ID: 13781118
Try GFI Languard scanner, suggested by Fatal_Exception - you can use it for 30 days for free...

To access your routers and switches (to recover passwords) you need physical access to these devices; use a Cisco console cable (usually supplied with the router), HyperTerminal and the procedure I posted in the first message.

To use NetFlow you have to set your devices up for this first ... this means you need full access. I would suggest you find all passwords first and then plan your work. Even if you know the IP address of your router, you won't be able to access it via telnet/web interface without passwords.
0
 
LVL 11

Expert Comment

by:-Leo-
ID: 13781148
Also, Netflow can monitor your traffic but you cannot configure your devices with it.

First of all, try to connect to the routers/switches with the console and see what authentication is in there - maybe it is RADIUS or TACACS, then you can probably add yourself to the RADIUS/TACACS group on the server and access your devices ...
0
 

Author Comment

by:mmichrin
ID: 13782096
Is there a good reference for me to look up 'safe' IOS commands to execute while I'm in each box?  I would like to examine the config of each device...
0
 
LVL 40

Expert Comment

by:Fatal_Exception
ID: 13782335
Safe Commands?  There are two modes within the Cisco IOS..  User Exec and Privileged Exec...  User Exec is denoted with a > and Priv is the # sign..  You won't be able to enter the Priv mode without a password (if it was assigned)..  But from the User Exec mode you can run some commands, and this is considered "Safe"

I doubt seriously whether this will work, but once you scan your network, and get the IP Address of the e0 port of your Cisco Router, you might try Telnet Access to it...  You will know right away if access was granted by the previous admin..  Usually Access Lists are set on Telnet requiring a specific IP Address configured on your system, and usernames and passwords..  If I had set this up, I would most likely not allow Telnet though..  

Are you saying you don't have access to the Server Room and the Cisco Equipment?

Leo..  Sorry for repeating anything about HyperTerminal...  I did not read your links!  LOL, eh?  :)

FE
0
 
LVL 40

Expert Comment

by:Fatal_Exception
ID: 13782391
What commands you will probably need to run are the Show Commands..  Just type in "Show ?" and it will bring back a list of the commands you can issue.  As far as changing anything within the router/switch, as long as you stay out of the Config Terminal (Global Configuration Mode), in general, you will be fine..

To tell the truth, you should really get yourself a book (CCNA ICND) or a video to watch before you try any of this..  For Video Training, I suggest you try CBT Nuggets..  In fact, they have some free Cisco Videos if you want to ck them out..  Ck the link for Free Videos..  but you will need to get the CCNA package to really learn what is going on within these devices...  and buy the books..

http://www.cbtnuggets.com/
0
 
LVL 40

Accepted Solution

by:
Fatal_Exception earned 1000 total points
ID: 13782425
0
 

Author Comment

by:mmichrin
ID: 13782437
I'm sorry, didn't mean to convey that I did not have access to the server room.  I do have access.  However, only the 1720 has a serial cable attached to it.  I don't have one for the switch (I was going to try to move the cable from the router to the switch...I assume this is safe).  So if I try something like a 'show running-config', will that tell me anything interesting (like the assigned IP address, password (or at least whether or not there is one), etc.)?  I think the 2900XL has Visual Switch Manager software, but I need to know the IP address, and a uid and pw, if applicable...   have you used this software before?
0
 
LVL 40

Expert Comment

by:Fatal_Exception
ID: 13782506
"Sh Run Config" will give you the Running Configuration of the router.  To see the IP Addresses and Interfaces, use the command:  "sh ip int brief"    To view detailed info on the interfaces, run this:  "sh int"

Note that you don't need to use the entire word, as the IOS will understand abbreviations..  ie:  sh run  =  show running-config
0
 
LVL 40

Expert Comment

by:Fatal_Exception
ID: 13782529
"Sh Run Config"  should be "show running-config"  

I am just used to using the abbreviations..  :)  sh run
0
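Added example, not part of the original thread: once `show running-config` output has been saved from the console session, a short script can answer the questions raised above (which interfaces have addresses, whether an enable password exists, whether the web interface is on, and which lines prompt for a password). The sample config is constructed, and `audit_config` and `open_lines` are hypothetical helper names.

```python
import re

# Constructed `show running-config` excerpt; only 10.0.0.254 comes from the
# thread, the password and hash values are placeholders.
SAMPLE_CONFIG = """\
enable secret 5 HASH-PLACEHOLDER
interface FastEthernet0
 ip address 10.0.0.254 255.255.255.0
ip http server
line con 0
line vty 0 4
 access-class 10 in
 password PLACEHOLDER
 login
"""

def audit_config(text):
    """Summarise addressing and management-access settings of an IOS config."""
    report = {"interfaces": {}, "lines": {}, "enable_set": False, "http_server": False}
    current = None  # dict for the interface/line block being read, if any
    for raw in text.splitlines():
        line = raw.strip()
        if raw.startswith(" "):              # indented: belongs to current block
            if current is None:
                continue
            if m := re.match(r"ip address (\S+) (\S+)", line):
                current["ip"] = (m.group(1), m.group(2))
            elif line.startswith("login"):   # "no login" does not match
                current["login"] = True
            elif line.startswith("password "):
                current["password"] = True
            elif m := re.match(r"access-class (\S+) in", line):
                current["acl"] = m.group(1)
            continue
        current = None                       # unindented: a new top-level command
        if m := re.match(r"interface (\S+)", line):
            current = report["interfaces"][m.group(1)] = {"ip": None}
        elif m := re.match(r"line ((?:con|aux|vty) [\d ]+)", line):
            current = report["lines"][m.group(1).strip()] = {
                "login": False, "password": False, "acl": None}
        elif re.match(r"enable (secret|password) ", line):
            report["enable_set"] = True
        elif line == "ip http server":
            report["http_server"] = True
    return report

def open_lines(report):
    """Lines with no `login` command, i.e. no password prompt before User Exec."""
    return [name for name, cfg in report["lines"].items() if not cfg["login"]]
```

On the sample, the console line is reported as open, while the vty lines require a password and are restricted by access list 10.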
 

Author Comment

by:mmichrin
ID: 13784113
I tried the above commands at lunch.  Seems the 'sh ip' and 'sh int' commands are not documented (at least they don't show up when I type 'show ?').  I guess it's just something you HAVE to know? ;-)

I got the address of the router (10.0.0.254).  The switch has NOT been configured with an IP address, and only has VLAN1 defined, so I'm assuming it is being used as a 'dumb' switch.  I also assume they have Windows configured as a proxy server or are using another method to control patron access to the internet.

Thanks for all the pointers here.  I reluctantly admit that I need to go 'back to school' to pick up some of the salient points of networking to accomplish what I've set out to do...I was hoping to be able to pick it up quickly, but it appears to be a little too big...:-(
0
 
LVL 40

Expert Comment

by:Fatal_Exception
ID: 13784823
Been doing this for a while myself, and still have to 'go back to school' on occasion!  Regarding those commands, if you use abbreviated commands, you have to put in the entire command..  in other words, just a 'sh ip' command will not work.. use the entire abbrev command "sh ip int" or "sh ip int brief" at the Router# line and you will see what I mean.

All switches come with the default Vlan1...   To give a switch an IP address (for telnetting), assign the IP address to that Vlan1, then you will be able to see the IP...  Creating Vlans is pretty cool, and prevents a network from becoming overloaded with broadcasts..  But you will have to enable trunking and allow the router to route between the Vlans..  Lots to learn!

Good luck, and thanks!

FE
0

Question has a verified solution.