Connecting to cisco switches

jamesd

I am looking after a site that has alot of cisco hardware and they want me to just give it a once over, I have explained to them that I dont do cisco but I can have a look over the network when I am there at the servers, I downloaded cisco network assistant 5.4 and I hope that is all i would need to looking at the switches for errors/ changing vland and backing up and restoring images from the switches.

Today I came onsite and with the info left from the cisco installers I gave my connection a go but failed.
Here is the info I was left:

Most Switches are setup in Vlans:
Vlan 50 is for the IP Tv's
Vlan 100 is for guest internet
Default is admin network


Main switch is Core 4500, Rest are 2960 range series switches and there are about 30 switches in total.



They left an excel sheet with details of what vlans were on what switches so here's an example from that:

192.168.90.108
2960_L1_A#
VLAN Name Status Ports
----

---

---

---

1 default active Gi0/2
50 IP_TV active Fa0/1, Fa0/2, Fa0/3, Fa0/4
Fa0/5, Fa0/6, Fa0/7, Fa0/8
Fa0/9, Fa0/10, Fa0/11, Fa0/12
Fa0/13, Fa0/14, Fa0/15, Fa0/16
Fa0/17, Fa0/18, Fa0/19, Fa0/20
Fa0/21, Fa0/22, Fa0/23, Fa0/24
Fa0/25, Fa0/26, Fa0/27, Fa0/28
Fa0/29, Fa0/30, Fa0/31, Fa0/32
Fa0/33, Fa0/34, Fa0/35, Fa0/36
Fa0/37, Fa0/38, Fa0/39
100 WiFi_Broadband active Fa0/40, Fa0/41, Fa0/42, Fa0/43
Fa0/44, Fa0/45, Fa0/46, Fa0/47
Fa0/48


So I have the ip's of all the switches from the excel sheet and also the ip's are stickered to the top of all the switches.

I plugged in my laptop to the switch and it received an ip address 172.X.X.X from a dhcp router that controls their internet access so i then tried to connect with the network asistant to the 192.168.90.108 and it failed, I then set the address on my nic to 192.168.90.203 and it still failed to connect.

Any idea how I can connect? I see 1 of the switches has a red alert light on it so I really want to get it backed up and fixed.

ViDuchie

I'd say forget network assistant and learn to use telnet/console access to view recent loggs (if it's set to collect them).

Probably not something you want to hear, but if you're not up to spec on networking ( which I gather you are not at all ) then advise the customer to get a cisco engineer in for a daily rate to check out the system. Last thing you want is to miss something obvious and get blame laid on you down the road when there was a problem. It's your rep on the line.

Also your first mistake was setting a manual IP address on your NIC out of the subnet range for that VLAN. It just will not work. There may be access-lists on the switches too denying terminal access from specific IP's also.


Best of luck

ViDuchie

Is this a hotel ??? IPTV

I imagine there would be some good multicast configuration in there too.

Really get a contractor in, you'll **** yourself if you make a mistake.

ressem

Would agree with ViDuchie, it's a bit easy for an inexperienced person to screw up a Cisco setup. I've done it myself a few times, on non-live equipment.

Having said that, what port are you connecting to on that switch. Without connecting your laptop to the gigabit port, which is presumably an uplink, and would disconnect everyone using that switch, all the other ports (fast ethernet 1-48) are on VLANs which probably have no route to the admin interface.

In which case to configure the switch, you need to find a port on a different switch which allow you to connect to the admin interface, or to connect using the serial port which requires at least a basic cheat sheet of cisco's command line interface and some care.

Alun

I agree with the other posters. Unless you know what you're doing, stay well away.

Someone must have configured and installed these switches for the client originally. Surely they are the ones to contact if the client has issues with them, not you.

jamesd

It's in a large Hostel - I have got network assistant working on the switches on the admin network (different ip range) and from there i could see the vlans on the switches and see that the fans were ok and the temps are ok.

So im guessing that I have a wrong subnet/ip on my nic for accessing the 192.168.90.x range of switches but i tried using 4 different subnets (255.255.255.255),(255.0.0.0),(255.255.0.0) and (255.255.255.0).

ViDuchie

Forget all that and initially use the console port to connect to a single switch. View it's config and then use that to get an idea of what the network setup is like.

Fans/Temp may be the least of your worries, there are lots of things you should be looking for.

I have yet to come across a good cisco engineer that uses SDM or Network assistant. Besides the switch needs to be configured to allow network assistant to have access.

SNMP/HTTP access may be disabled on the switch.

Can you ping the switches from the DHCP address you were given? Traceroute maybe tell you if there is routing to get to those subnets.

If you are getting a valid DHCP address on a port in the 172 range then applying anything in the 192 range will not work. Considering the VLAN assignments for the port are correct.

I could go on and on, final word. Get someone who has experience in this or you may well end up looking like a tool.

jamesd

I think i will take your advice and get someone in the midlands that is cisco qualified.

johnmd

Console cable into each switch and then so a sh run from the console prompt.
There is probably multicast for the IPTVs and IP trunking on some of these as well so don't go conf -t and changing anything without taking a backup of a running config for each of the switches first.
Otherwise you will have a world of trouble.
You would be better off getting a copy of the running configs from each of the switches,drawing out a network diagram and then giving them to a cisco guy as the others mentioned.

NullZer0

As mentioned above - Console port unless you can get a connection in the same subnet as VLAN1 management interface.

Its highly recommended that you get a Cisco guy to take a look at it.
If you are not so familiar with Cisco there are simple things that you can do to mess up configs if you haven't had a chance to study and understand the commands in relation the specific technology.

NullZer0

ViDuchie wrote: »

Is this a hotel ??? IPTV

I imagine there would be some good multicast configuration in there too.

Thats where the fun starts!