Question

Locked

Beginner Question : Finding Network Devices Behind Firewall

By robinson crusoe ·
We have two servers and thin clients. Windows Server 2003.

I have admin account to the server.

I must map our network(First find where the cables come to the switch from).

I can't reach user interfaces. Is it because of the firewall device? How can i reach the firewall, router and switch interfaces?

Thank you.

This conversation is currently closed to new comments.

17 total posts (Page 2 of 2)   Prev   01 | 02
Thread display: Collapse - | Expand +

All Answers

Collapse -

I haven't tried the ping packets

by robinson crusoe In reply to Did you try large ping pa ...

Thank you, you posted the clearest posts i've ever seen :) And thank you all for your patience.

I haven't tried the ping packets from the IT room. I was trying something else. Next, i'll try that. I don't have a notebook at work, but i'll carry my thin client to IT room if it's needed.

I almost forgot about the router because its ui is disabled and i don't want to cause security problems enabling it. I focused on the switch but it doesn't help that much. Even it should have a usefull interface we have two of them and one is not managed.

I didn't know much about port mirroring, like other basics :) Looking to wikipedi it may solve my problem like you said. I downloaded wireshark, i'll try that tomorrow at work.

It's getting a bit long because i really want to learn something. I should convince my boss for a plug out and in method or buying some cable tracer or other devices but i think if i solve this now, things will get easier in the future. I learned a lot of things making a research on this problem. I have time, it's not urgent.

We called cable fitters at the beginning, they told they couldn't help us. They don't have any information, that's what they said. I look at everything; cables, jacks, plates. Only 2-3 cables have labels on them telling where they were going.

Collapse -

Were you able to get MAC addresses from each client?

by cmatthews In reply to I haven't tried the ping ...

..Really you only need to label each client with the last 3 digits to identify it. Port mirroring is like like wire-tapping.. it lets you see the MAC address coming from that wire drop alone.

Above all, have fun with wireshark! Sometimes I have to kick myself to believe something so free can do so much. It's been fun helping out.

Collapse -

I brought my laptop from home and tried something

by robinson crusoe In reply to Did you try large ping pa ...

I connected to switch from it room. I tried your ping method. I think i couldn't understand your method well. Is it about the switch leds? I looked at them and see nothing. But maybe i missed something, there are 96 of them :S(24 ports on each switch, 1 led for link/activity, 1 for duplex). I tried 32, 1490 and 65500 bytes. No change.

Then i tried port mirroring method. I was able to map 10 of the ports, better than nothing. I know that 6 ports aren't used. There're about 8 ports left to be addressed.Some of them were so obvious. Some of them were complicated. Maybe there were a lot of connections on the clients, it was hard to find the right ip's.

I used lansurveyor program from solidworks so i had the device type and ip's. I didn't need to look at the mac addresses because of that.

As a result managed switch seems to be addressed easily. Main problem is the unmanaged one. And the unused slots in the rooms. I think i can handle it when i get the devices i need.

Collapse -

Every once in a while, a light goes on.. (hope you have a webcam)

by cmatthews In reply to I brought my laptop from ...

..It sounds like you're working alone, so write down a list of stations not identified and record switch-port LED activity as you go out and interrupt each one for 2 seconds.

BTW, you didn't say if your pings packets were returned successfully to your laptop, or not. It helps to know, since if the switch has VLAN's, you may not see successful pings... (some switches show activity better than others.. Also it's possible to see so many lights that it's not possible to focus on the steady rhythm of the ping packets)

Also I'm not absolutely sure that the second switch is unmanaged.. They are from the same series, the same brand, and it may support the "VLAN Tags" and some kind of a cascade arrangement. You may want to check anyway.

Collapse -

Yes, i'm alone...

by robinson crusoe In reply to Every once in a while, a ...

We'll buy a laptop with a webcam on it. It may help for plug out-in method as you say.

I understand your method but i want to address every ethernet socket in the company so i'll need devices as a result. Or it'll be a lot of work and time to plug out and in.

My ping packets returned successfully.

Second switch is unmanaged. It's written in 3com's website.
"The 3Com? Baseline Switch 2824 is a highly affordable, high-performance *unmanaged* Gigabit switch, ideal for dynamic, creative small-business environments."

I'll keep on researching.

Collapse -

Couple of comments...

by CG IT In reply to Beginner Question : Findi ...

first is a floor plan which shows the layout. If you have multiple floors, simply annotate it on the master sheet but the big thing is to have a floor plan that shows where all the offices are, where all the equipment is, and where all the terminals and outlets are.

Then you simply get a blinker and a helper to run around to each location, and you blink the switch port, mark it's location on the map using the numbering schene you designed to number both the cable and the keystone panel.

Fluke makes a blinker which will flash the switchport to trace the cable run. Netfinder makes one. heck just google it.

Once you've identified what cable goes where and labled it, you've got your network map that you can refer to. This documentation goes along with other IT resource documentation so when a user calls up and say they've got a problem, you know who it is, what computer they've got, where they are, and if your in the server room, you can simply go look on the switchport to see if their connected or log on to the switch and look at the switchport interface.

But the simple matter of tracing cable runs to a switchport, the best way, in my opinion, is using a blinker which just blinks the switchport.

Collapse -

That was the first thing

by robinson crusoe In reply to Couple of comments...

i first create a floor plan myself. It's not perfect but it's enough for me for now.

Is blinker cable tester, this one?
http://www.katstar.com/store/store.php/products/Netfinder-Network-Cable-Tester-39009

If it is why is it too expensive? There are models about 10$. Which will be ideal for us?

It's not only switch port mapping problem. I think my company will need these devices. We must buy the ones that answers our problems.

Back to Networks Forum
17 total posts (Page 2 of 2)   Prev   01 | 02

Related Discussions

Related Forums