Cisco Routers

Cisco routers provide access to applications and services, and integrate technologies

IP Phone - Cisco

IP phone takes full advantage of converged voice and data networks, while retaining the convenience and user-friendliness you expect from a business phone...

WAN - Cisco Systems

Transform your WAN to deliver high-performance, highly secure, and reliable services to unite campus, data center, and branch networks.

EtherChannel - Cisco Systems

EtherChannel provides incremental trunk speeds between Fast Ethernet, Gigabit Ethernet, and 10 Gigabit Ethernet. EtherChannel combines multiple Fast ...

Looking Toward the Future - Cisco Systems

Looking Toward the Future by Vint Cerf. The Internet Corporation for Assigned Names and Numbers (ICANN) was formed 9 years ago....

Pages

Saturday, November 16, 2013

How to find specific mac address or IP address in a Cisco Switch port

Trick and tip for network admin you should know when you work on enterprice switch. These commands will help you to work faster. If you know the IP address of the device then try to ping it from within the switch. If the device is pingable, then do a simple sh ip arp command. This command will show the MAC address of the device. 

TB-CS-4506#
TB-CS-4506#ping 142.30.15.254                                                        ## Step 1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 142.30.15.254, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/4/9 ms

TB-CS-4506#
TB-CS-4506#sh ip arp 142.30.15.254                                                ## Step 2
Protocol  Address          Age (min)  Hardware Addr   Type   Interface
Internet  142.30.15.254         140   18ef.63dc.aacd  ARPA   Vlan20

Then, do the show mac-address command on the switch. This will show the interface (or IP) to which it is connected to a port or through which it is learned.

TB-CS-4506# 
TB-CS-4506#sh mac address-table address 18ef.63dc.aacd         ## Step 3
          Mac Address Table
-------------------------------------------
Vlan    Mac Address       Type        Ports
----    -----------       --------    -----
  20    18ef.63dc.aacd    DYNAMIC     Gi2/0/5
Total Mac Addresses for this criterion: 1
TB-CS-4506#

This indicate the the device is connected to port GigabitEthernet2/0/5. There you can find the device.

Cisco Switch Command

Note: You can use the below command to check the ip address of devices on different subnet
"ping ip" then "show ip arp | include <mac address>" or "show cdp neighbors detail | begin <mac address>"
 

How to configure SNMP cisco and basic commands for Snmpwalk

This article will guide your through the steps to enable SNMP in Cisco Routers and Switches including how to apply security as the configuration of the underlying devices. This is to make the devices more secure same as international companies worldwide practice.

Cisco SNMP Agent
 
Here's an example:
  1. Telnet to the switch/router
    C:\Users\LAX>telnet THHQCE7-3845
  2. Enter the Enable mode
    THHQCE7-3845> enable
    Password:
    THHQCE7-3845#
  3. Enter Config Mode
    THHQCE7-3845# configure terminal
  4. Use the command below to add a Read-Only an Read write community string
    THHQCE7-3845(config)# snmp-server community 14all3$$ RO
    THHQCE7-3845(config)# snmp-server community gds4chv1 RW
Configuration Examples for snmp-server setting:
   snmp-server community 14all3$$ RO 30
   snmp-server community gds4chv1 RW 10
   snmp-server community mrtg RO 1300
   snmp-server community VBCCrep0rting RO 1333
   snmp-server ifindex persist
   snmp-server trap-source Loopback0
   snmp-server location THHQCE7-3845: Facility-Code THHQ, Offshore (Thailand) Ltd, Bangkok7th floor, Building BB, 123 Vibhavadi Road, Jatujak, Bangkok 10900
   snmp-server contact network operations 66-6428 xxxx
   snmp-server enable traps tty
   snmp-server enable traps config
   snmp-server host 172.20.71.201 Voyence  config
   snmp-server host 172.20.3.35 Voyence  config
   snmp-server host 172.20.71.201 config
   snmp-server host 172.20.9.201 config

Next, I highly recommend to configure SNMP in order to make it secure. If you want to secure the communication between network monitoring tool (WhatsUp, Solarwinds, Nagios) and the switches/routers you'll have to use SNMPv3.

ACL SNMP setting example;
   !<----- ACL 10 for Read Write, ACL 30 for Read Only
   !
   ! ACL 10 – SNMP READ WRITE
   !
   no access-list 10
   access-list 10 permit 172.27.124.18 log
   access-list 10 permit 136.171.124.18 log
   access-list 10 permit 172.20.71.200 log
   access-list 10 permit 172.20.9.200 log
   access-list 10 permit 172.20.50.21 log
   access-list 10 permit 172.20.46.70 log
   access-list 10 deny any log
   !
   !
   ! ACL 30 – SNMP READ ONLY
   !
   no access-list 30
   access-list 30 permit 172.20.46.89 log
   access-list 30 permit 172.20.46.114 log
   access-list 30 permit 172.20.50.22 log
   access-list 30 permit 172.20.32.5 log
   access-list 30 permit 172.20.46.5 log
   access-list 30 permit 172.20.46.6 log
   access-list 30 permit 172.20.46.8  log
   access-list 30 deny any log
   !


Testing:
   To test the new configuration use snmpwalk on your linux server running your network monitoring tools

   [root@ARNAG libexec]#snmpwalk -v 2c -c COMMUNITYSTRING IPADDRESS
   [root@ARNAG libexec]# snmpwalk -v2c -c Savvi148 172.20.1.35
   SNMPv2-MIB::sysDescr.0 = STRING: Cisco IOS Software, C2960S Software (C2960S-         UNIVERSALK9-M), Version 12.2(55)SE7, RELEASE SOFTWARE (fc1)
   Technical Support: http://www.cisco.com/techsupport
   Copyright (c) 1986-2013 by Cisco Systems, Inc.
   Compiled Mon 28-Jan-13 10:28 by prod_rel_team
   SNMPv2-MIB::sysObjectID.0 = OID: SNMPv2-SMI::enterprises.9.1.1208
   DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (209528058) 24 days, 6:01:20.58
   SNMPv2-MIB::sysContact.0 = STRING:
   SNMPv2-MIB::sysName.0 = STRING: THHQSL2-2960S
   SNMPv2-MIB::sysLocation.0 = STRING:
   SNMPv2-MIB::sysServices.0 = INTEGER: 6
   SNMPv2-MIB::sysORLastChange.0 = Timeticks: (0) 0:00:00.00
   SNMPv2-MIB::sysORID.1 = OID: SNMPv2-SMI::enterprises.9.7.129
   SNMPv2-MIB::sysORID.2 = OID: SNMPv2-SMI::enterprises.9.7.115
   SNMPv2-MIB::sysORID.3 = OID: SNMPv2-SMI::enterprises.9.7.265
   SNMPv2-MIB::sysORID.4 = OID: SNMPv2-SMI::enterprises.9.7.112
   SNMPv2-MIB::sysORID.5 = OID: SNMPv2-SMI::enterprises.9.7.106
   SNMPv2-MIB::sysORID.6 = OID: SNMPv2-SMI::enterprises.9.7.47
   SNMPv2-MIB::sysORID.7 = OID: SNMPv2-SMI::enterprises.9.7.122
   SNMPv2-MIB::sysORID.8 = OID: SNMPv2-SMI::enterprises.9.7.135
   SNMPv2-MIB::sysORID.9 = OID: SNMPv2-SMI::enterprises.9.7.43
   SNMPv2-MIB::sysORID.10 = OID: SNMPv2-SMI::enterprises.9.7.37

These are the command to check Input/Output Discard and Input/Outpu Errors :
   [root@ARNAG libexec]#snmpwalk -Ofn -v 1 -c Savvi148 172.30.1.20 1.3.6.1.2.1.2.2.1.19
         "ifOutDiscards"  "1.3.6.1.2.1.2.2.1.19"
   [root@ARNAG libexec]#snmpwalk -Ofn -v 1 -c Savvi148 172.30.1.20 1.3.6.1.2.1.2.2.1.13
         "ifInDiscards"  "1.3.6.1.2.1.2.2.1.13"
   [root@ARNAG libexec]#snmpwalk -v2c -c Savvi148 172.20.1.20 .iso.org.dod.internet.mgmt.mib-2.interfaces.ifTable.ifEntry
            1 . 3  .  6  .    1      .   2    .   1     .     2        .      2    .    1     . 13
         .iso.org.dod.internet.mgmt.mib-2.interfaces.ifTable.ifEntry.ifInDiscards
         .iso.org.dod.internet.mgmt.mib-2.interfaces.ifTable.ifEntry.ifInErrors
         .iso.org.dod.internet.mgmt.mib-2.interfaces.ifTable.ifEntry.ifOutDiscards
         .iso.org.dod.internet.mgmt.mib-2.interfaces.ifTable.ifEntry.ifOutErrors

Cisco SNMP