Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

Need Cisco command to convert mac address to ip address

Posted on 2008-10-02
6
8,660 Views
Last Modified: 2009-12-16
I have a Cisco 3560 that we are trying to determine the ip address of a device that is connected to a given port... We have run "show mac-address-table" and have the mac address but now need to know how to convert that mac address into an IP Address.  Does anyone know the command?
0
Comment
Question by:BPGInfotech
  • 2
  • 2
  • 2
6 Comments
 
LVL 5

Assisted Solution

by:Cutshall
Cutshall earned 150 total points
ID: 22624079
If you go to any router on the network and show the ARP table, you should be able to resolve the MAC address to an IP. Switches do not understand IP since they work at Layer 2.

Since the switch is working at Layer 2 of the OSI model, you cannot associate an IP address on a port, but only a MAC address and the port it is connected. Also, from a security point of view, a portscan action can be done using a spoofed IP address, so the information given is unreliable.

I would suggest you to do a map of the layer 2 of your network using some simple tool (nmap with -sP option to do a ping sweep of the entire subnet) and gathering the whole information in an Excel file (or equivalent). Once someone asks you to disable a device, you can match the IP address with its MAC address and disable the port you need.

Also you can prevent users from "sniffing" the network by using the "protected port" feature given by Cisco Catalysts. Using the "mac-address sticky" option you will reduce efforts for managing mac address table on each port, while "mac-address maximum 2" will grant that no more than 2 MAC addresses can be applied on that port. Once a device starts an ARP Poisoning process or sniffing (actively) the port will shutdown (or other chosen action policy).
0
 
LVL 50

Accepted Solution

by:
Don Johnston earned 350 total points
ID: 22624097
If the switch is the default gateway of the device in question, just do a "show arp".
0
 
LVL 5

Expert Comment

by:Cutshall
ID: 22624182
I thought doing a "show arp" will only give you the mac address and the port right?  Since the device is Layer 2, it doesn't really understand IP addresses.
0
Easy, flexible multimedia distribution & control

Coming soon!  Ideal for large-scale A/V applications, ATEN's VM3200 Modular Matrix Switch is an all-in-one solution that simplifies video wall integration. Easily customize display layouts to see what you want, how you want it in 4k.

 

Author Comment

by:BPGInfotech
ID: 22624263
Ok... I am going to split the point between the two but give the majority to donjohnston and her is the reason why... I had already stated that I was able to do a show mac-address-table on the switch that I wanted to find the IP address.  By doing this command I can see the mac address associated to a given port.  donjohnsoton mentioned the default gateway and that is the key point here... I tried to do a show arp on our router and it only showed info on what is connected to that device... really just external IP Addresses... but our Firewall I did the show arp and I was able to get the ip address of all devices with their mac address... I then cross referenced the command I did on the switch to get the matcing IP address.  We have a ASA5510 firewall and the show arp command gave me the info...

Thanks for your resposes
0
 
LVL 50

Expert Comment

by:Don Johnston
ID: 22624402
>I thought doing a "show arp" will only give you the mac address and the port right?  Since the device is Layer 2, it doesn't really understand IP addresses.

The 3560 is a multilayer switch. As such, if IP routing is enabled (and if the device is communicating with the switch), then it's IP address, MAC and port will be displayed in the ARP cache of the switch.
0
 

Author Comment

by:BPGInfotech
ID: 22624486
Show arp on teh 3560 switch gave IP and MAC but only from two of my servers and my firewall the ASA5510.  But the "show mac-address-table" on the 3560 gave me the mac and port... which was half of my issue I knew what port was in question.  So by doing the "show arp" on my ASA I got a list of IP Addresses and Mac Addresses... I then matched the Mac from the mac-address-table command to get the IP Address.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
upgrading flat network to VLAN 3 112
Cisco Router DMZ 5 88
Iptables and mirroring ports 4 87
Why APC patch cords are not recommended wirth 10GBase SFP+ Gbics? 6 88
This tutorial will go through the steps required to write a script that will back up the configuration settings of a HP-ProCurve switch. You will need to get the following things to follow this tutorial: Telnet Scripting Tool e.g. TST10.exe …
I eventually solved a perplexing problem setting up telnet for a new switch.  I installed a new Cisco WS-03560X-24P switch connected to an existing Cisco 4506 running a WS-X4013-10GE Sup II-Plus. After configuring vlans and trunking,  I could no…
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.

789 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question