Solved

Need to find out switch & firewall IP and logon credentials

Posted on 2010-08-25
17
489 Views
Last Modified: 2013-11-16
Hello and thank you for sharing your knowledge and wisdom. More importantly your time. Much appreciated.

A new client has 12 pc's, 1 server 2003 SBS R2 w/ Exchange and Web Servers. The site has DHCP enabled.

I'm in the process of putting together a Network Information File for them. For the life of me i cannot find what the managed hardware (switch & firewall) IP addresses are. The previous IT person never supplied them with any of that information.

This the hardware:
Firewall: WatchGuard FireBox x5 Edge
Switch: Linksys 24 port 10/100 switch Model# EF3124

Any input would be greatly appreciated.

~Milosz,
0
Comment
Question by:loshdog
  • 6
  • 5
  • 2
  • +3
17 Comments
 
LVL 2

Assisted Solution

by:Pagefright
Pagefright earned 100 total points
Comment Utility
It sounds like you will have to do a hard reset on those devices and reconfigure them back to normal operations.   There is no way to extract the login credentials from those devices.

That's poor practice (and form) of the former IT administrator.
0
 
LVL 3

Assisted Solution

by:omnimaven
omnimaven earned 100 total points
Comment Utility
The firewall IP address is most likely your gateway address. On a PC just run ipconfig and you can get the gateway address.
0
 
LVL 3

Expert Comment

by:omnimaven
Comment Utility
Unless the subnet of your network has changed since the last IT guy was there, you can run a ping sweep with a tool from SolarWinds.

http://www.solarwinds.com/products/toolsets/PingSweep.aspx

From that, you should be able to determine what the IP address is of your switch.
0
 
LVL 9

Expert Comment

by:dauman
Comment Utility
your watchguard ip is going to be the gateway ip.
most any computer ... go to a CMD prompt and type "ipconfig /all"
and it will give you the gateway.
as for its' username and password, that could be anything.
the default for the firebox is - username: admin  - password: admin
if it has been changed it could be anything.
the only way there is to reset the box to factory defaults and reprogram it.

as for the switch, it would appear to be a unmanaged switch and have no ip.
0
 
LVL 5

Accepted Solution

by:
bpl5000 earned 300 total points
Comment Utility
If you need to reset the FireBox (and I think you will), unplug the device, hold down the reset button on the back, reconnect the power, but continue to hold down the reset button until the yellow Attn light stays on.  Dauman is right about the switch, it is unmanaged.

You can use tracert to find your gateway.  Just run "tracert google.com" at the command prompt and the last address before going to a public address should be your internal firewall address.  Chances are, it may not matter because you might need to reset the firewall box.  Good luck!
0
 
LVL 5

Expert Comment

by:bpl5000
Comment Utility
I believe the default for Firebox is not admin/admin.  I'm fairly sure the username is blank and the password is "wg"

Give it a try before resetting the device.
0
 

Author Comment

by:loshdog
Comment Utility
Thank you all for the input. Its very valued and informative.

The modem onsite has stopped responding so i can't remote in. I have to go on site (6:30 am est) and reset it manually. Since I'm there I'll perform the the above suggestions.  

I really hope I don't have to perform a hard reset. Never had to configure one before. But that's why I love this place.

Thank you again and I will post my results in the morning live from the site so plz tune in........ Lol.. j/k... ;)



PS.  I agree Pagefright "That's poor practice (and form) of the former IT administrator."
I see this kind of stuff all the time at sites.
Very bad practice and manner to conduct business with. Gives the smaller IT companies a bad name.
0
 
LVL 5

Expert Comment

by:Armenio
Comment Utility
http://www.routerpasswords.com/

above link takes you t a website that contains all the default passwords and usernames try it loads of people i know never change the password
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 

Author Comment

by:loshdog
Comment Utility
Good morning all. Hope you are well rested and rejuvanated.
Well, I'm here onsite. Reseted the modem, all is ok. I ran a tracert and the last IP address before it goes public is 192.168.1.254 which is also the gateway.
When I attemp to connect to it via IE it takes me to a bing search page. http://www.bing.com/search?q=%2F%2F192.168.1.254&src=IE-SearchBox&FORM=IE8SRC
Not sure what that is all about?? I guess that's not the IP...?
The server has two NIC's Internal and External. External goes through the firebox, Internal goes through the switch.
Any additional input would be greatly appreciated. Thank you and have a productive day..
0
 
LVL 2

Expert Comment

by:Pagefright
Comment Utility
It looks like the default ip for the Firebox is 192.168.111.1  (www.watchguard.com/help/docs/v75FireboxXEdgeUserGuide.pdf)

The bing search is probably coming up because your web browser isn't resolving to anything, which in the case of your browser automatically goes to bing to help you find alternatives.

Even though you are resolving a 192.168.1.*, I would manually set your IP to 192.168.111.* and try the ip above.

It could just be that the ip is 192.168.1.1 or 192.168.1.254, but the port may have changed.  I do this to help prevent unauthorized usage and usually set the port to 8080 for web admin access.


Also, make sure you plug yourself directly into the Firebox and avoid the switch, if possible.

0
 

Author Comment

by:loshdog
Comment Utility
Ok. I left the site. Got remote access again. Had to go to another appointment. I tried 192.168.111.1 w/o any results. I also tired port :8080 which seems to be an industry standard for admin access. Also lead to nowhere.

Is there a way to do a sweep, scan ports or network sweep. Anyone know of any other good utility that will provide me with any info on this WatchGuard firewall.

I will try to use this as recommended by omnimaven: http://www.solarwinds.com/products/toolsets/PingSweep.aspx

Many thanks~

Off to another site filled w/ many more new surprises....


~Milosz,

0
 
LVL 5

Expert Comment

by:bpl5000
Comment Utility
Sounds like the server is doing routing... that's not a recommended configuration.  If all traffic needs to route thru the server, then is the server a web filter or an ISA Server that is being used for web caching?  If there isn't a specific purpose for using the server to route, then I would recommend replacing the server with a wired router.
0
 
LVL 5

Expert Comment

by:bpl5000
Comment Utility
Looking at your question more closely, I see your client only has 12 workstations so you wouldn't need a router.  You wouldn't need multiple vlans so you can have the firewall as the default route, but the Exchange/Web server shouldn't be routing traffic to the firewall.  That doesn't make sense that the workstations would need to go thru the server to get to the web unless it's acting as a web filter or something like that.

Maybe they have the Exchange server connected to the DMZ of the firewall, but then they shouldn't have another connection going from the server to the switch.  I think you need to change their setup.
0
 

Author Comment

by:loshdog
Comment Utility
Hello and thank you for your attention and expertise.

Wanted to make sure everyone is aware of the network schema at this place.

Two cable modems one for 4 tel lines the other for additional 4 tel lines & internet.
From modem it goes to Cisco 851 Seris Router (belong to ISP)  
From there it goes to the WatchGuard FireBox x5 Edge Firewall.  
The server has two NIC's. One connected to the Firewall the other  connected to the switch. All work stations connected to the switch.

0
 

Author Closing Comment

by:loshdog
Comment Utility
Thank you all again for your input on this issue. I sincerely appreciate your time and expertise.

0
 
LVL 5

Expert Comment

by:bpl5000
Comment Utility
So only the workstations and the server are connected to the switch?  This would mean that the workstations are routed thru the server and to the firewall.  In my opinion, this is not a good way to setup the network.  Have you checked the IP's on the server?  I wouldn't be surprised if one of the server IP was set as the default gateway.

Maybe I'm out of touch with smaller networks because we have over a thousand workstations and multiple vlans, but this just seems like a crazy way to do things.  What if the server goes down... people wouldn't be able to get to the internet?  I hope they are not using VoIP.
0
 

Author Comment

by:loshdog
Comment Utility
It makes sens now. Matter of fact the workstations do loose internet connection when the server goes offline. I figured that it wasn't a good way to setup a network. No idea why all traffic is routed through the server. I think you hit the nail right on the head bpL5000. Thank you.

I started a new question.
             
  • Home>Networking>Network Management>Network Design & Methodology>Need to rebuild network.

Your input bpl5000 would be greatly valued and appreciated. Thank you in advance.

~Milosz,


0

Featured Post

Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

Join & Write a Comment

The worst thing when starting a new job is when the previous Network Administrator left behind no documentation. How do you get into the devices? If you've been in this situation or just accidently mistyped your password, this article will hopefully…
Imagine you have a shopping list of items you need to get at the grocery store. You have two options: A. Take one trip to the grocery store and get everything you need for the week, or B. Take multiple trips, buying an item at a time, to achieve t…
Access reports are powerful and flexible. Learn how to create a query and then a grouped report using the wizard. Modify the report design after the wizard is done to make it look better. There will be another video to explain how to put the final p…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now