Map a Network

Static M.e.

Hi Guys,

For the Networking guys;

If you arrived at a new site with a large Network, say 50 offices each with a router & pix.

• How would you map a network from scratch? (WAN not main office say)
• Find out what the make and model of each router & pix was?
• Find the external & Internal IPs?

Ive looked around and cant see an easy solution, they have an router and firewall in the main site which everyone connects too which could be of use but I dont know... Im not good with big network stuff

Any help or ideas would be great

Stky10

Do they use SNMP on the routers and PIX?. Cos if they do, there are loads of network mappers that will do the network discovery for you.

If not, you've got to start at the main hub, and work your way out from there. IP addresses and Wan link speed being more important than router/pix model.

rolion

Help,i can pass you my contact details and i do it for you OR assist you...

Ideas....
-try to read the config on the router /pix,create map of lan/wan IPs.
-once u have the full/partial list of IP ranges,then google for an Advanced IP Scanner
-create a list with all devices based on their IP address
-search for "inventory" software (loginventory) and scan / create a full database with all devices one each subnet
-then...manipulate data,drive over remote offices...

It can be easier or harder,depending on how ACL are set on PIXes,router access and so on...
Cisco has a nice utility that scans and create a visual map of net devices.
3Com as well...

So it looks that's gonna be lot a fun...
Rgds.

Static M.e.

Hi rolion\Stky10,

Thank you both for your advice. I forgot to post back what happened, I contacted a Cisco partner and they offered to send in an Engineer to do a free IBLM across the network, seeing as they have so much Cisco gear.

Hopefully he\she will be here this week and I can see what they do or software they use.

(From my initial hunting around, the devices seemed to have a mismatch of settings with no common username\password and SNMP both off and on with different strings..)

By the end of this, I hope to have to use the same number images across all sites with common SNMP strings, and security settings.

Again, thank you for you help

rolion

Good for you...share the experience !
Quite strange is the FREE assessment ! ? ?

Alun

rolion wrote: »

Good for you...share the experience !
Quite strange is the FREE assessment ! ? ?

Not at all, they will undoubtedly in the course of the assessment spot all kinds of 'problems' and 'potential improvements' which unsurprisingly can all be solved by upgrades of all sorts, and spell extra income for Cisco. They're not in the habit of doing things for free unless there's something in it for them

bonzer1again

In the meantime you could try this
http://nmap.org/zenmap/
its network mapping software, sometimes used by hackers to find out about network vulnerabilities but it should map the network in question for you...it does no harm, so you can use without worry.

The command to map a network on a cisco router/switch, that could help you is

show cdp neighbors
or
show cdp neighbors detail
(american spelling is important to note)
that command will tell you what the local interface has connected to it and the type of platform it is (2600 router, 2950 switch etc)....try it

Static M.e.

Thanks bonzer1again, that looks quite helpful

On the Free Cisco scan, I can see Aluns point, that they will no doubt be looking at what we need to upgrade/refresh. Even with that angle though its still nice to offer the service, at least it gives us the information to make that decision when the time comes.

(havent heard back from Cisco yet, will let you know what happens)

rolion

CDP could be disabled on switches and/or routers interfaces !
Let us know how this goes...

bonzer1again wrote: »

In the meantime you could try this
http://nmap.org/zenmap/
its network mapping software, sometimes used by hackers to find out about network vulnerabilities but it should map the network in question for you...it does no harm, so you can use without worry.

The command to map a network on a cisco router/switch, that could help you is

show cdp neighbors
or
show cdp neighbors detail
(american spelling is important to note)
that command will tell you what the local interface has connected to it and the type of platform it is (2600 router, 2950 switch etc)....try it

Some_Person

The Dude
Advanced but great.

bonzer1again

Had a look at "the dude"....powerful piece of kit....good recommendation!!

NullZer0

There are a couple of Solarwinds tools that can definately complete the majority of tasks required here.