Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie

Map a Network

Options
  • 01-04-2010 5:00pm
    #1
    Registered Users Posts: 3,088 ✭✭✭


    Hi Guys,

    For the Networking guys;

    If you arrived at a new site with a large Network, say 50 offices each with a router & pix.
    • How would you map a network from scratch? (WAN not main office say)
    • Find out what the make and model of each router & pix was?
    • Find the external & Internal IPs?

    Ive looked around and cant see an easy solution, they have an router and firewall in the main site which everyone connects too which could be of use but I dont know... Im not good with big network stuff :)

    Any help or ideas would be great


Comments

  • Registered Users Posts: 1,165 ✭✭✭Stky10


    Do they use SNMP on the routers and PIX?. Cos if they do, there are loads of network mappers that will do the network discovery for you.

    If not, you've got to start at the main hub, and work your way out from there. IP addresses and Wan link speed being more important than router/pix model.


  • Closed Accounts Posts: 3,362 ✭✭✭rolion


    Help,i can pass you my contact details and i do it for you OR assist you...

    Ideas....
    -try to read the config on the router /pix,create map of lan/wan IPs.
    -once u have the full/partial list of IP ranges,then google for an Advanced IP Scanner
    -create a list with all devices based on their IP address
    -search for "inventory" software (loginventory) and scan / create a full database with all devices one each subnet
    -then...manipulate data,drive over remote offices...

    It can be easier or harder,depending on how ACL are set on PIXes,router access and so on...
    Cisco has a nice utility that scans and create a visual map of net devices.
    3Com as well...

    So it looks that's gonna be lot a fun...
    Rgds.


  • Registered Users Posts: 3,088 ✭✭✭Static M.e.


    Hi rolion\Stky10,

    Thank you both for your advice. I forgot to post back what happened, I contacted a Cisco partner and they offered to send in an Engineer to do a free IBLM across the network, seeing as they have so much Cisco gear.

    Hopefully he\she will be here this week and I can see what they do or software they use.

    (From my initial hunting around, the devices seemed to have a mismatch of settings with no common username\password and SNMP both off and on with different strings..)

    By the end of this, I hope to have to use the same number images across all sites with common SNMP strings, and security settings.

    Again, thank you for you help


  • Closed Accounts Posts: 3,362 ✭✭✭rolion


    Good for you...share the experience ! :)
    Quite strange is the FREE assessment ! ? ?


  • Registered Users Posts: 21,444 ✭✭✭✭Alun


    rolion wrote: »
    Good for you...share the experience ! :)
    Quite strange is the FREE assessment ! ? ?
    Not at all, they will undoubtedly in the course of the assessment spot all kinds of 'problems' and 'potential improvements' which unsurprisingly can all be solved by upgrades of all sorts, and spell extra income for Cisco. They're not in the habit of doing things for free unless there's something in it for them :)


  • Advertisement
  • Registered Users Posts: 192 ✭✭bonzer1again


    In the meantime you could try this
    http://nmap.org/zenmap/
    its network mapping software, sometimes used by hackers to find out about network vulnerabilities but it should map the network in question for you...it does no harm, so you can use without worry.

    The command to map a network on a cisco router/switch, that could help you is

    show cdp neighbors
    or
    show cdp neighbors detail

    (american spelling is important to note)
    that command will tell you what the local interface has connected to it and the type of platform it is (2600 router, 2950 switch etc)....try it


  • Registered Users Posts: 3,088 ✭✭✭Static M.e.


    Thanks bonzer1again, that looks quite helpful

    On the Free Cisco scan, I can see Aluns point, that they will no doubt be looking at what we need to upgrade/refresh. Even with that angle though its still nice to offer the service, at least it gives us the information to make that decision when the time comes.

    (havent heard back from Cisco yet, will let you know what happens)


  • Closed Accounts Posts: 3,362 ✭✭✭rolion


    CDP could be disabled on switches and/or routers interfaces !
    Let us know how this goes...

    :)

    In the meantime you could try this
    http://nmap.org/zenmap/
    its network mapping software, sometimes used by hackers to find out about network vulnerabilities but it should map the network in question for you...it does no harm, so you can use without worry.

    The command to map a network on a cisco router/switch, that could help you is

    show cdp neighbors
    or
    show cdp neighbors detail

    (american spelling is important to note)
    that command will tell you what the local interface has connected to it and the type of platform it is (2600 router, 2950 switch etc)....try it


  • Closed Accounts Posts: 491 ✭✭Some_Person


    The Dude
    Advanced but great.


  • Registered Users Posts: 192 ✭✭bonzer1again


    Had a look at "the dude"....powerful piece of kit....good recommendation!!


  • Advertisement
  • Registered Users Posts: 1,629 ✭✭✭NullZer0


    There are a couple of Solarwinds tools that can definately complete the majority of tasks required here.


Advertisement