Thursday, September 26, 2013

Breaking Into Your Catalyst 2924XL Switch

DISCLAIMER: a lot of things in tech can be used for good or for evil. I am creating this document in the hopes that it helps some hapless admin regain connectivity to a Cisco device to which they legitimately have been granted access. This information can also be abused, however, and if you attempt to use the information I provide here for illicit purposes, I accept no responsibility for the consequences of YOUR actions. Use these techniques at your own peril!

I picked up two well-used Cisco Catalyst 2924XL switches to use in my home Cisco lab while working on my CCNA certification. Unfortunately, the console ports didn't seem to respond to my terminal program (Minicom) on my Linux laptops. Since there are two switches having the exact same problem, I doubt that it's a hardware failure; it seems like I must be doing something wrong. However, I have no problem accessing Cisco routers through the console or aux ports, nor do I have any problem accessing Foundry/Brocade switches, ImageStream routers -- well, pretty much any other network device that I have ever used -- so if I am doing something wrong, I have no idea what it might be. Usually a wrong baud setting will still display text on the terminal, but it looks like gibberish. I, however, am getting an absolutely blank screen.

Edit: I found an interesting document on Cisco's web site discussing how various configuration registers affect, among other things, the console port. I'll be doing some investigation later, and will post the results here. I now return you to your regularly scheduled blog :)

All is not lost, however. Cisco includes an incredibly useful feature known as "Cisco Discovery Protocol," or "CDP." If you are lucky, you will find that your switch has CDP enabled. If you have another Cisco device handy that you can manage, either through a console port or telnet session, run an Ethernet cable from the 2924 switch to the other Cisco device. Make sure that CDP is enabled on the other Cisco device, then log in. Wait a minute or two for the devices to begin communicating with each other. If the switch is running spanning tree, it will take a minute, more or less, to enable the port to the other Cisco device, and CDP, by default, sends updates once every 60 seconds, so be patient :) At the "Privileged Exec" prompt, type the following command:

Router# show cdp neighbors detail

If you are lucky (again), you will have output that lists, among other things, the IP address of the switch. If the switch has been configured previously AND you think you know the telnet password, you can attempt to telnet to the IP address that you found through CDP (you can telnet directly from the other Cisco device, if you want). If the telnet password has not been set, you will see a reply telling you that a password is required, but none has been set. In that case, you can try to configure the switch through its web interface, after connecting a laptop or desktop to an unused switch interface port and setting the IP address of the laptop to match the subnet of the switch.

If CDP was not enabled, things get a lot more difficult. You can use tcpdump and/or Wireshark (two packet sniffing tools available for Linux, and I believe OS X and Windows as well) from a PC connected to the switch's network interface to capture traffic from the switch. On my eBay 2924, the switch was broadcasting CDP messages, but had no IP interface configured. However, with tcpdump, I noticed it was also broadcasting DHCP requests. I configured my 2651 router to serve DHCP, captured the DHCP negotiation (and therefore, the IP address that the 2651 offered to the switch) and was able to configure a telnet password through the web interface (painful, but it got me access to the switch).
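If you have no second Cisco device to run the show command on, the same information can be read straight out of a captured CDP frame. The parser below is an added example, not part of the original post; the device name, source MAC and 192.0.2.10 address in `sample_frame` are constructed, and the `ip=None` case models a switch that advertises over CDP with no IP interface configured.

```python
import ipaddress
import struct

CDP_DST = bytes.fromhex("01000ccccccc")           # CDP multicast destination MAC
LLC_SNAP_CDP = bytes.fromhex("aaaa0300000c2000")  # LLC + SNAP, Cisco OUI, PID 0x2000
TEXT_TLVS = {1: "device_id", 3: "port_id", 6: "platform"}
TLV_ADDRESSES = 2

def parse_addresses(value):
    """Decode an Addresses TLV body and return its IPv4 entries as strings."""
    found, pos = [], 4
    count = struct.unpack_from("!I", value)[0] if len(value) >= 4 else 0
    for _ in range(count):
        if pos + 2 > len(value):
            break
        ptype, plen = value[pos], value[pos + 1]
        proto = value[pos + 2:pos + 2 + plen]
        pos += 2 + plen
        if pos + 2 > len(value):
            break
        alen = struct.unpack_from("!H", value, pos)[0]
        addr = value[pos + 2:pos + 2 + alen]
        pos += 2 + alen
        if ptype == 1 and proto == b"\xcc" and len(addr) == 4:  # NLPID 0xCC = IPv4
            found.append(str(ipaddress.IPv4Address(addr)))
    return found

def parse_cdp(frame):
    """Return device_id/port_id/platform/addresses, or None if the frame is not CDP."""
    if len(frame) < 26 or frame[:6] != CDP_DST or frame[14:22] != LLC_SNAP_CDP:
        return None
    info = {"device_id": None, "port_id": None, "platform": None, "addresses": []}
    pos = 26  # 14 Ethernet + 8 LLC/SNAP + 4 CDP header (version, TTL, checksum)
    while pos + 4 <= len(frame):
        tlv_type, tlv_len = struct.unpack_from("!HH", frame, pos)
        if tlv_len < 4 or pos + tlv_len > len(frame):
            break  # padding or truncated TLV: stop instead of reading past the frame
        value = frame[pos + 4:pos + tlv_len]
        if tlv_type in TEXT_TLVS:
            info[TEXT_TLVS[tlv_type]] = value.decode("ascii", "replace")
        elif tlv_type == TLV_ADDRESSES:
            info["addresses"] = parse_addresses(value)
        pos += tlv_len
    return info

def sample_frame(ip=None):
    """Constructed frame, not a real capture; ip=None models a switch with no IP set."""
    tlv = lambda t, v: struct.pack("!HH", t, len(v) + 4) + v
    tlvs = tlv(1, b"lab-2924xl") + tlv(3, b"FastEthernet0/1") + tlv(6, b"cisco WS-C2924-XL")
    if ip:
        tlvs += tlv(2, struct.pack("!IBBBH", 1, 1, 1, 0xCC, 4) + ipaddress.IPv4Address(ip).packed)
    body = LLC_SNAP_CDP + bytes([2, 180, 0, 0]) + tlvs  # checksum left as 0, not verified here
    return CDP_DST + bytes.fromhex("020000000001") + struct.pack("!H", len(body)) + body
```

An empty `addresses` list from a frame that otherwise parses is the situation described above: the switch is alive and talking CDP, but you will need the DHCP route to give it an address.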
