Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Need to find out switch & firewall IP and logon credentials

Posted on 2010-08-25
17
Medium Priority
?
510 Views
Last Modified: 2013-11-16
Hello and thank you for sharing your knowledge and wisdom. More importantly your time. Much appreciated.

A new client has 12 pc's, 1 server 2003 SBS R2 w/ Exchange and Web Servers. The site has DHCP enabled.

I'm in the process of putting together a Network Information File for them. For the life of me i cannot find what the managed hardware (switch & firewall) IP addresses are. The previous IT person never supplied them with any of that information.

This the hardware:
Firewall: WatchGuard FireBox x5 Edge
Switch: Linksys 24 port 10/100 switch Model# EF3124

Any input would be greatly appreciated.

~Milosz,
0
Comment
Question by:loshdog
  • 6
  • 5
  • 2
  • +3
17 Comments
 
LVL 2

Assisted Solution

by:Pagefright
Pagefright earned 400 total points
ID: 33527891
It sounds like you will have to do a hard reset on those devices and reconfigure them back to normal operations.   There is no way to extract the login credentials from those devices.

That's poor practice (and form) of the former IT administrator.
0
 
LVL 3

Assisted Solution

by:omnimaven
omnimaven earned 400 total points
ID: 33527892
The firewall IP address is most likely your gateway address. On a PC just run ipconfig and you can get the gateway address.
0
 
LVL 3

Expert Comment

by:omnimaven
ID: 33527913
Unless the subnet of your network has changed since the last IT guy was there, you can run a ping sweep with a tool from SolarWinds.

http://www.solarwinds.com/products/toolsets/PingSweep.aspx

From that, you should be able to determine what the IP address is of your switch.
0
Lessons on Wi-Fi & Recommendations on KRACK

Simplicity and security can be a difficult  balance for any business to tackle. Join us on December 6th for a look at your company's biggest security gap. We will also address the most recent attack, "KRACK" and provide recommendations on how to secure your Wi-Fi network today!

 
LVL 9

Expert Comment

by:dauman
ID: 33527924
your watchguard ip is going to be the gateway ip.
most any computer ... go to a CMD prompt and type "ipconfig /all"
and it will give you the gateway.
as for its' username and password, that could be anything.
the default for the firebox is - username: admin  - password: admin
if it has been changed it could be anything.
the only way there is to reset the box to factory defaults and reprogram it.

as for the switch, it would appear to be a unmanaged switch and have no ip.
0
 
LVL 5

Accepted Solution

by:
bpl5000 earned 1200 total points
ID: 33527990
If you need to reset the FireBox (and I think you will), unplug the device, hold down the reset button on the back, reconnect the power, but continue to hold down the reset button until the yellow Attn light stays on.  Dauman is right about the switch, it is unmanaged.

You can use tracert to find your gateway.  Just run "tracert google.com" at the command prompt and the last address before going to a public address should be your internal firewall address.  Chances are, it may not matter because you might need to reset the firewall box.  Good luck!
0
 
LVL 5

Expert Comment

by:bpl5000
ID: 33528026
I believe the default for Firebox is not admin/admin.  I'm fairly sure the username is blank and the password is "wg"

Give it a try before resetting the device.
0
 

Author Comment

by:loshdog
ID: 33528072
Thank you all for the input. Its very valued and informative.

The modem onsite has stopped responding so i can't remote in. I have to go on site (6:30 am est) and reset it manually. Since I'm there I'll perform the the above suggestions.  

I really hope I don't have to perform a hard reset. Never had to configure one before. But that's why I love this place.

Thank you again and I will post my results in the morning live from the site so plz tune in........ Lol.. j/k... ;)



PS.  I agree Pagefright "That's poor practice (and form) of the former IT administrator."
I see this kind of stuff all the time at sites.
Very bad practice and manner to conduct business with. Gives the smaller IT companies a bad name.
0
 
LVL 5

Expert Comment

by:Armenio
ID: 33528240
http://www.routerpasswords.com/

above link takes you t a website that contains all the default passwords and usernames try it loads of people i know never change the password
0
 

Author Comment

by:loshdog
ID: 33529978
Good morning all. Hope you are well rested and rejuvanated.
Well, I'm here onsite. Reseted the modem, all is ok. I ran a tracert and the last IP address before it goes public is 192.168.1.254 which is also the gateway.
When I attemp to connect to it via IE it takes me to a bing search page. http://www.bing.com/search?q=%2F%2F192.168.1.254&src=IE-SearchBox&FORM=IE8SRC 
Not sure what that is all about?? I guess that's not the IP...?
The server has two NIC's Internal and External. External goes through the firebox, Internal goes through the switch.
Any additional input would be greatly appreciated. Thank you and have a productive day..
0
 
LVL 2

Expert Comment

by:Pagefright
ID: 33530339
It looks like the default ip for the Firebox is 192.168.111.1  (www.watchguard.com/help/docs/v75FireboxXEdgeUserGuide.pdf)

The bing search is probably coming up because your web browser isn't resolving to anything, which in the case of your browser automatically goes to bing to help you find alternatives.

Even though you are resolving a 192.168.1.*, I would manually set your IP to 192.168.111.* and try the ip above.

It could just be that the ip is 192.168.1.1 or 192.168.1.254, but the port may have changed.  I do this to help prevent unauthorized usage and usually set the port to 8080 for web admin access.


Also, make sure you plug yourself directly into the Firebox and avoid the switch, if possible.

0
 

Author Comment

by:loshdog
ID: 33530698
Ok. I left the site. Got remote access again. Had to go to another appointment. I tried 192.168.111.1 w/o any results. I also tired port :8080 which seems to be an industry standard for admin access. Also lead to nowhere.

Is there a way to do a sweep, scan ports or network sweep. Anyone know of any other good utility that will provide me with any info on this WatchGuard firewall.

I will try to use this as recommended by omnimaven: http://www.solarwinds.com/products/toolsets/PingSweep.aspx

Many thanks~

Off to another site filled w/ many more new surprises....


~Milosz,

0
 
LVL 5

Expert Comment

by:bpl5000
ID: 33534194
Sounds like the server is doing routing... that's not a recommended configuration.  If all traffic needs to route thru the server, then is the server a web filter or an ISA Server that is being used for web caching?  If there isn't a specific purpose for using the server to route, then I would recommend replacing the server with a wired router.
0
 
LVL 5

Expert Comment

by:bpl5000
ID: 33534682
Looking at your question more closely, I see your client only has 12 workstations so you wouldn't need a router.  You wouldn't need multiple vlans so you can have the firewall as the default route, but the Exchange/Web server shouldn't be routing traffic to the firewall.  That doesn't make sense that the workstations would need to go thru the server to get to the web unless it's acting as a web filter or something like that.

Maybe they have the Exchange server connected to the DMZ of the firewall, but then they shouldn't have another connection going from the server to the switch.  I think you need to change their setup.
0
 

Author Comment

by:loshdog
ID: 33537811
Hello and thank you for your attention and expertise.

Wanted to make sure everyone is aware of the network schema at this place.

Two cable modems one for 4 tel lines the other for additional 4 tel lines & internet.
From modem it goes to Cisco 851 Seris Router (belong to ISP)  
From there it goes to the WatchGuard FireBox x5 Edge Firewall.  
The server has two NIC's. One connected to the Firewall the other  connected to the switch. All work stations connected to the switch.

0
 

Author Closing Comment

by:loshdog
ID: 33538551
Thank you all again for your input on this issue. I sincerely appreciate your time and expertise.

0
 
LVL 5

Expert Comment

by:bpl5000
ID: 33538569
So only the workstations and the server are connected to the switch?  This would mean that the workstations are routed thru the server and to the firewall.  In my opinion, this is not a good way to setup the network.  Have you checked the IP's on the server?  I wouldn't be surprised if one of the server IP was set as the default gateway.

Maybe I'm out of touch with smaller networks because we have over a thousand workstations and multiple vlans, but this just seems like a crazy way to do things.  What if the server goes down... people wouldn't be able to get to the internet?  I hope they are not using VoIP.
0
 

Author Comment

by:loshdog
ID: 33538755
It makes sens now. Matter of fact the workstations do loose internet connection when the server goes offline. I figured that it wasn't a good way to setup a network. No idea why all traffic is routed through the server. I think you hit the nail right on the head bpL5000. Thank you.

I started a new question.
             
  • Home>Networking>Network Management>Network Design & Methodology>Need to rebuild network.

Your input bpl5000 would be greatly valued and appreciated. Thank you in advance.

~Milosz,


0

Featured Post

Automating Your MSP Business

The road to profitability.
Delivering superior services is key to ensuring customer satisfaction and the consequent long-term relationships that enable MSPs to lock in predictable, recurring revenue. What's the best way to deliver superior service? One word: automation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Occasionally, we encounter connectivity issues that appear to be isolated to cable internet service.  The issues we typically encountered were reset errors within Internet Explorer when accessing web sites or continually dropped or failing VPN conne…
How to fix a SonicWall Gateway Anti-Virus firewall blocking automatic updates to apps like Windows, Adobe, Symantec, etc.
In a question here at Experts Exchange (https://www.experts-exchange.com/questions/29062564/Adobe-acrobat-reader-DC.html), a member asked how to create a signature in Adobe Acrobat Reader DC (the free Reader product, not the paid, full Acrobat produ…
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…
Suggested Courses

824 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question