Solved

How do i find out the IP address of firewall and switch.

Posted on 2010-09-17
29
773 Views
Last Modified: 2012-05-10
Hello and thank you for taking the time to assist me with this question. I appreciate your time and expertise.

I'm putting together a NIF Network Info. File for a new client of ours. The last IT company did not leave them with any sort of documentation (bad practice).

I need to find out how to look up the IP address of the switch and firewall. (Modem and router are managed by ISP)
The way it set up right now is. The ISP is cablevision going to modem > router > firewall > server (dual ethernet) > switch.

The client is getting a new server if about a week or at which time we will rebuild the network (Making it Flat) so that way the internet connection on the workstation does not have to depend on the server.

Below is the hardware:

Correct me if i'm wrong but i believe that the switch is not managed and might not have an IP.

Again thank you for your time and input on this.  

PS. Is there some sort of a tool i can use that scans the network from the server and provides all this info? Would make things so much easier.... :)
0
Comment
Question by:loshdog
  • 9
  • 8
  • 5
  • +3
29 Comments
 
LVL 6

Expert Comment

by:MISOperations
Comment Utility
cmd prompt

ipconfig
0
 
LVL 16

Expert Comment

by:uescomp
Comment Utility
The Linksys switch does not appear to be managed and will not have an IP address.  If you go to one of the workstations and pull up a command line window you can type 'ipconfig' the address under 'default gateway' should be the IP address of the firewall.
0
 
LVL 3

Expert Comment

by:rgeers
Comment Utility
linksys EF3124: This is an unmanaged switch. There is nothing to configure and nothing to monitor except the lights on the switch.

The FireBox x5 Edge should have a serial port to be able to manage it. You can find out the adresses of the interface here. You might need to find the console cable...


0
 
LVL 38

Expert Comment

by:Hypercat (Deb)
Comment Utility
If the server is multi-homed, then the workstations might be using the server as the default gateway.  If you're going to run ipconfig to try to find a default gateway address pointing to the router, then run it on the server itself rather than on a workstation.
0
 

Author Comment

by:loshdog
Comment Utility
I did attempt that already. The IP i get for dns is 192.168.1.254 i can ping it but browser takes me nowhere PAGE CAN NOT BE DISPLAYED





ipconfig.JPG
0
 

Author Comment

by:loshdog
Comment Utility
Hello and thank you all for your responses and recommendations.

Hypercat the above screenshoot of cmd ipconfig is from the server...

~Thank you..
0
 
LVL 3

Expert Comment

by:Lisij
Comment Utility
for the firewall MISOperations gave you correct directions, but not complete answer.
To find out the IP address of the LAN interface on the firewall what you need to do is:

on any workstation "Run" -> cmd -> enter
ipconfig /all

look for the line that says "Default Gateway". That SHOULD be your firewall. you can verify it by typing the address into the browser. You should get WebUI for the firewall.
it is possible that this switch you mention IS managed. You need to check with manufacturer. IF it is managed, i would reset it to factory and configure it myself so that i know everything about it. You need it to update firmware etc.
Same goes for the firewall. You MUST have access to it. Most if not appliance firewall work on the subscription base (certain functionality is only enabled if you subscribe with the manufacturer). I would suggest resetting the firewall to factory as well, and doing all configuration on my own.
Dont repeat previous company mistakes and document EVERY step.

As for the tool, google "Angry IP Scanner". it is free, you need to specify the range to scan, it will find all alive nodes.

On another note, just a suggestion... If you have to ask on the internet help forum how to find out IP address, maybe you should get someone to do the audit, and future support.
0
 
LVL 3

Expert Comment

by:Lisij
Comment Utility
my post a little late.
server does look like it is multihomed

go to "network properties" of the "External" connection, it's Defaul Gateway should be the firewall.
It is hard to see on the screenshot, did you black-out certain fields, or are they empty?
0
 

Author Comment

by:loshdog
Comment Utility
rgeers  

Just so I'm clear

The firewall has a db9 connection on it (I saw it remember it being there). I can connect up to it with a serial cable. The software to manage the firewall I get from manufacture website?
0
 
LVL 38

Expert Comment

by:Hypercat (Deb)
Comment Utility
That ipconfig result looks hinky. Did you erase half of the IP address of the second NIC on purpose, or did it actually come back that way?
192.168.1.254 is showing as the default gateway, but if the 192.168.1.1 network is the external network, then the DNS server IP address should be pointing to the internal IP address, not the default gateway.  Could you output the results of ipconfig /all to a .txt file and post that so we can see the whole thing?
0
 
LVL 3

Expert Comment

by:Lisij
Comment Utility
also, it is possible that Firebox has its WebUI disabled.
You need to download WSM from watchguard.com to access it.
0
 
LVL 16

Expert Comment

by:uescomp
Comment Utility
I am not familiar with this model firewall but you typically manage them with a program like Hyperterminal or Putty.
0
 

Author Comment

by:loshdog
Comment Utility
Thank You Lisij but this comment was unnecessary.

On another note, just a suggestion... If you have to ask on the internet  help forum how to find out IP address, maybe you should get someone to  do the audit, and future support.

We all needed to start somewhere. At least i'm reaching out for help and making sure i'm doing things the right way..
0
 
LVL 3

Expert Comment

by:Lisij
Comment Utility
you can use serial port to access firewall if you are OK with command line.

You can use telnet or Putty.exe to do so.
Again, it depends on the firewall config. It is possible to lock down almost everything.
Go to watchguard.com, register (if you havent already), and download watchguard system manager for your firewall.
You may have to go through cust. support to assign the firewall in question to your account.
0
How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

 
LVL 38

Expert Comment

by:Hypercat (Deb)
Comment Utility
You could try downloading the WSM program, but you need to know the firewall's IP address before you can connect to it. Plus, if the Watchguard Firebox is being managed by the ISP, it might be password protected, too.
0
 

Author Comment

by:loshdog
Comment Utility
Firebox is not managed by ISP.
0
 
LVL 3

Expert Comment

by:Lisij
Comment Utility
loshdog, didnt mean no disrespect, but one shouldnt start training by trial and error on the live network, just my opinion...

as i said, you need to go to watchguard site to download management software.
also, if you go to training part, you can download ppt and .pdf for watchguard firewall, you should have it if you want to do anything with the firewall.
I just did certification exam for watchguard, so everything is still fresh :D
0
 
LVL 3

Expert Comment

by:Lisij
Comment Utility
wsm should be able to auto-discover the firewall, if it is on the same subnet.
If not, i would try to connect to .1.254 first and see if it works.
0
 
LVL 3

Expert Comment

by:rgeers
Comment Utility
The public adress of your firewal you should be able to find out if you can access a workstation from behind the firewall and write the address wimi.com. Use this address and ask whois the public network. You can use http://tools.whois.net/whoisbyip/ if you dont have the whois command. On the private side of the network you can use a ipconfig /all or ifconfig command to find what adresses your DHCP server assigns. But the Firebox is a VPN gateway so something should be documented somewhere, otherwise your users can't use your VPN. I found some documentation (http://www.watchguard.com/help/docs/v75FireboxXEdgeUserGuide.pdf), here the default address is https://192.168.111.1, but you find your gateway address using ipconfig / ifconfig,
0
 

Author Comment

by:loshdog
Comment Utility
Lisij

I do work w/ other IT pros. And yes I'm a novice and don't want to ask them these question b/c i will sound stupid.. I figured this was a great place to ask these kind of questions and escape judgement from other people.

Appology accepted..

I will attempt the solutions recommended here and post my results.

Thank you all again... Have a great weekend.
0
 
LVL 3

Expert Comment

by:Lisij
Comment Utility
the default address will be used if (or when) you reset the firewall to the factory settings.
Right now most likely it is .1.254
make sure to install WSM on the server, even if it is multihomed and firewall is on different subnet, you should be able to find the firewall.
0
 

Author Comment

by:loshdog
Comment Utility
I did try 192.168.1.254 as well as 192.168.111.1 as recommended by rgeers:  takes me nowhere in IE.

Here is a screenshot of ipconfig /all as seen on the server.



ipconfig.JPG
0
 
LVL 3

Expert Comment

by:Lisij
Comment Utility
111.1 wouldnt work. this is the factory config address, noone would use it in production environment.

In one of my earler posts i mentioned that it is possible to disable Web Console on watchguard firewalls.

100% guaranteed to work is Watchguard System Manager.
if you have physical connectoin to the firewall, WSM will pick it up and you will be able to configure it.

Do you know any passwords to it? If not, all that would be useless. You cant do anything without passwords.
0
 
LVL 3

Expert Comment

by:rgeers
Comment Utility
your firewall address is at 192.168.1.254, but you need to find the port for https. On linux I would use a utility called nmap, and you ca find it for windows too. Then use this command:

nmap -sS -PN 192.168.1.254

This will show you which ports the firewall listens on. Then use your browser with https://192.168.1.254:<portnr>. Hope this works. Otherwise your serial cable and Hyperterminal is what you want. Set hyperterminal in 9600 8N1 which is usually default. But consult the manual if this doesnt work.
0
 

Author Comment

by:loshdog
Comment Utility
No passwords. Previous IT company did not leave any documentations. This is why i'm performing this task.

The bottom line is the the firewall may need to have a hard reset performed on it. The client is getting a new server in about a week or some. That would be a great time to do that.

I thought there might be some other way to at least find out the IP w/o knowing the p/w or u/n...
0
 
LVL 3

Expert Comment

by:rgeers
Comment Utility
No if you dont have the password, you wont be able to even enter admin commands from the console. Your only luck is if the console is unprotected with passwords. You could do a factory reset, but that wont help a thing, you just loose your config. So try the Hyperterminal or putty method, and perhaps the console is unprotected, your just protected with the factory default.
0
 
LVL 3

Assisted Solution

by:rgeers
rgeers earned 166 total points
Comment Utility
The only thing you get when you do a factory reset is a usable VPN router, but since this one is End Of Life, and you allready planned to buy a new, I would leave it alone and install the new firewall. If you get in trouble you could allways put the old one back again. But all your VPN users should get updated new vPN profiles if you dont have any documentation, isn't this a problem?
0
 
LVL 38

Accepted Solution

by:
Hypercat (Deb) earned 167 total points
Comment Utility
The external NIC on the 192.168.1.x network is set to use a DNS and WINS server on the internal subnet, 10.0.0.1.  That is fine - this IP address is apparently assigned to the second NIC in the server.  I think this is OK - except that your screen capture again looks weird, as though the DNS and WINS addresses on the 10.0.0.1 NIC aren't there.  But I'm hoping that is just a bad screen capture and those settings point to the 10.0.0.1 address.
This, however, has nothing to do with not being able to get to the firewall.  Your default gateway is 192.168.1.254, which should be the IP address of the firewall. However, you said that you can't get to the Watchguard device using that IP address. I would go along with loshdog and agree that, since you are planning to reconfigure the network anyway, just reset the Watchguard firewall/router at that time and reconfigure it from scratch.  You will want to download the Watchguard System Manager software and use that, or if that particular model has a Web UI, you could enable that for management as well.
0
 
LVL 3

Assisted Solution

by:Lisij
Lisij earned 167 total points
Comment Utility
he didnt mention that he wanted replace the firewall.

also, on the initial setup on fireboxes you have to enter the readwrite password and readonly passwords. it is one of the steps in the setup, and i have the feeling it is a mandatory step.

you wouldnt need to find the ports to connect to it IF you use the management software. Ports are only for WebUI.

Bottom line, if you are re-structuring the network and do it properly (modem - router - firewall - switch < devices) you need to talk to your ISP and get the external IP adderss for the firewall. If you are keeping the existing firewall you HAVE to talk to watchguard and find out the state of the subscribtion for services for that device. At the same time ask if it is indeed at the end of life. Maybe it is worth getting the new one. Often Watchguard has promotions for upgrades.
Once you got the firewall figured out reset it, run the initial setup, configure WAN port, configure LAN port.
IF you have VPN users have to configure them on the AD (with watchguard it is a little tricky).
Then all you have to do is configure firewall rules. Out of the box it is open for the traffic from inside and blocking traffic from the outside. If you need to set up RDP, proxy filters, contect filters etc this is where you do it.
0

Featured Post

Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

Join & Write a Comment

This is an article about my experiences with remote access to my clients (so that I may serve them) and eventually to my home office system via Radmin Remote Control. I have been using remote access for over 10 years and have been improving my metho…
Join Greg Farro and Ethan Banks from Packet Pushers (http://packetpushers.net/podcast/podcasts/pq-show-93-smart-network-monitoring-paessler-sponsored/) and Greg Ross from Paessler (https://www.paessler.com/prtg) for a discussion about smart network …
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now