Solved

How to discover the IP address of a wireless access point without looking at the DHCP client list

Posted on 2009-05-15
11
1,453 Views
Last Modified: 2012-05-07
I need to discover the IP addresses of a few Cisco 1300 access points in order to login to them and configure them.  Does anyone have any suggestions?  They are mounted pretty high so getting to them would be a pain in the A**!
0
Comment
Question by:JJMarquart
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
  • 2
  • +2
11 Comments
 
LVL 3

Expert Comment

by:cwalter9
ID: 24400058
Do you have access to any other cisco device on the same network?

You can use cdp (Cisco Discovery Protocol) to find some info about each one and hopefully which switch port it is on.

You can then use the mac address table and arp entries on the switch/router to find the IP address.

Let me know if you have access to a cisco device on the network already. If not we can look at using nmap (Network Mapper) to find them.
0
 
LVL 8

Expert Comment

by:inbox788
ID: 24400090
You are a network administrator and not hacking, right?

You could try a sniffer like

http://www.kismetwireless.net/screenshot.shtml

or

http://www.stumbler.net/readme/readme_0_4_0.html

0
 

Author Comment

by:JJMarquart
ID: 24400158
I looking to be the new admin.  They want to replace the old one.  They want to know if I can manage their network.  Which I'm pretty sure I can.  One thing I am iffy about is they have a SBS server that is involved somehow with the wireless possibly for RAIDUS authentaction but you don't have to enter a logon to get on the network.  They also have a nomadix gateway too.

I use netsumbler all the time but never saw the IP of the AP just the AP and SSID.  Am I missing something? I don't work with Linux so not sure about Kismet, unless they have a windows app I'm not aware of.

Thanks for the feedback!
0
Revamp Your Training Process

Drastically shorten your training time with WalkMe's advanced online training solution that Guides your trainees to action.

 
LVL 3

Expert Comment

by:cwalter9
ID: 24400168
I was assuming you have the credentials to login to them correct? Otherwise, you are going to need to scissor lift on up there. I know it isn't fun trust me, I have had to do it a few times.
0
 
LVL 3

Expert Comment

by:cwalter9
ID: 24400184
Do you have the username and password to login to the Cisco devices when we do find them? If not then we need to gain physical access to the devices. Knowing the IP address will not do much more than get you a login prompt that you can't do anything with or a web interface asking for the same. Since you are taking over a Cisco network I'm assuming you know the Cisco IOS?
0
 

Author Comment

by:JJMarquart
ID: 24400191
there is a 24 port managed Cisco switch but I don't have access to it at the moment.
0
 

Author Comment

by:JJMarquart
ID: 24400202
I was hoping for the default UN and PW to work.  If not I told them they would need to get that info from the current admin.
0
 
LVL 8

Expert Comment

by:inbox788
ID: 24400299
I thought Netsumbler showed IPs, but maybe it doesn't. Looks like Ethereal does:

http://zedomax.com/image/200702/ethereal.jpg

http://www.ethereal.com/
0
 
LVL 3

Accepted Solution

by:
cwalter9 earned 250 total points
ID: 24400460
If you can get on the Cisco switch you can do:

sh cdp neighbors

It will list each Cisco device on it and the port which it is connected to. It will also provide it's hostname if set, the type of device it is, if there are other switches on the network this would help you find those also.

Lets say that it told you that one of the APs was on port Gig3/36 then you can do:

#sh mac-address-table | inc 3/36
   1    0011.85d7.facc   dynamic ip                    GigabitEthernet3/36

Now you have the mac you can do:

sh arp | inc facc

Which will give you the IP address.

You could also download and bootup a Knoppix CD and use nmap to map the network.
0
 
LVL 14

Assisted Solution

by:Roachy1979
Roachy1979 earned 250 total points
ID: 24401455
Nmap with OS detection will do it.  It'll certainly give you mac, ip and IOS version.

Got to www.insecure.org, download and install nmap and then run

Nmap -sS -sV -O 192.168.1.0/24

Against your ip range.
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 24402132
You could try Softperfects Network Scanner (which is FREE) from http://www.download3k.com/Install-SoftPerfect-Network-Scanner.html.

We have used this to discover IP Addresses on networks when we don't know what we are looking for IP Address wise.
0

Featured Post

Online Training Solution

Drastically shorten your training time with WalkMe's advanced online training solution that Guides your trainees to action. Forget about retraining and skyrocket knowledge retention rates.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article I will describe how to setup a Cisco WLC 5508 to work with Apple's Bonjour protocol across VLANs.  I will also discuss using screen mirroring and Airplay on an AppleTV v3.  This article covers the wireless network only and requires m…
This program is used to assist in finding and resolving common problems with wireless connections.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
The Task Scheduler is a powerful tool that is built into Windows. It allows you to schedule tasks (actions) on a recurring basis, such as hourly, daily, weekly, monthly, at log on, at startup, on idle, etc. This video Micro Tutorial is a brief intro…

630 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question