Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 398
  • Last Modified:

Vlans

How would I be able to tell which switch is faulty on a vlan if a network was configurd with say 30 switches across numerous cabinets? Is there anyway to diagnose this if i dont have vlan experience, apart from a visual inspection of course?
0
discoveranother
Asked:
discoveranother
  • 5
  • 4
3 Solutions
 
atrevidoCommented:
http://www.orbit-computer-solutions.com/Troubleshooting-VLANs-and-Trunks.phpI'm not sure why you would even think a VLAN was faulty.  A VLAN is just a tag that is appended to the IP packet of a data stream designating it into a specific virtual LAN.  If a VLAN was faulty that might mean that you have your tagging incorrect.  Ports must be tagged in  a particular VLAN or untagged in that VLAN depending on the usage and the device connected and whether it's NIC is VLAN aware and whether there is > 1 VLANs being carried on that switch port.

for example, you can have say an uplink port (or a trunk port is another name) from one switch to another that carries all VLANs.  In that case all the VLANs would need to be tagged on that port(s).  Another example is that you have 10 ports that are just for say the HR depeartment and they are in VLAN 99.  Their PC NICs are not VLAN aware (as most NICs are not in desktops) and you would then place those ports as untagged in VLAN 99.

The log file of the switch is the first place to look.  

Here is an interesting article that gives examples of some mismatched VLAN errors and how to troubleshoot
http://www.orbit-computer-solutions.com/Troubleshooting-VLANs-and-Trunks.php
0
 
discoveranotherAuthor Commented:
Whats the best way to connect to a vlan switch ? Is it via hyperterminal with a console cable, can it be connected to via http or https?
0
 
atrevidoCommented:
a VLAN is not a type of switch, it is a feature on a switch.  One of 100's of features.  What is your switch make and model? This would be needed to guide you in connecting to it
0
Who's Defending Your Organization from Threats?

Protecting against advanced threats requires an IT dream team – a well-oiled machine of people and solutions working together to defend your organization. Download our resource kit today to learn more about the tools you need to build you IT Dream Team!

 
discoveranotherAuthor Commented:
The switch models are all Cisco:-

2950
2960
3560
3560 POE
3570 which i gather is classed as the main switch
0
 
iamsamCommented:
If the switches are configured with vty line access, I suppose you can simply telnet / ssh depending on the protocol allowed, otherwise console access would possibly be the easiest and you will need a console cord for that. If the configuration enabled http/https then even that could work, I suppose. You will need to know the switch ip's for that and connect via web-browser. Connecting to the switches isn't something that can be advised without seeing the configuration of the switches, the thing is if you want to see if a switch has a vlan setup the command-line "show vlan brief" should show you all active vlans and what ports on the switch are members of the said vlan.
0
 
atrevidoCommented:
So you need the blue Cisco console cable.  Plug it in to the console port on the front or rear of the switch, set your putty or hyperterm to 9600,N,8,1 and hit return a couple times.
0
 
discoveranotherAuthor Commented:
Thanks for that.

Can I check if a switch is faulty by logging into one switch, and the information provide me with info from other switches ?

I'm ok for logging into a switch now and have some info on certain commands, but would like to determine if I can check which particular switch is down.
0
 
atrevidoCommented:
THe switches are independant.  You would need to use a tool like PRTG for monitoring SNMP or netflow information from the switches.  Here is the link to PRTG  http://www.paessler.com/prtg
  http://www.paessler.com/prtg
0
 
discoveranotherAuthor Commented:
So basically if i didnt use that tool i'd have to long into each switch ot check if their status is up or down or whatever ?
0
 
atrevidoCommented:
yes, you would have to log in to each switch.
VLAN's aren't normally up or down.  Interfaces are up/down.  VLAN tagging is just a header of info wrapped around a packet of information for routing purposes on Layer 2.
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

  • 5
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now