cisco catalyst 2950 default options

Toggle sidebar Toggle sidebar
G

GoultySoul

Distinguished
Apr 1, 2015
70
0
18,630
Hi!

We have a Cisco Catalyst 2950 switch. We have some problem with the IP addresses here. Our sub-network IP is 192.168.64.*, but somehow some PCs get between 192.168.1.100 and 192.168.1.120 IP from time to time. ipconfig release/renew solves the problem, but it's really annoying for me and for the workers.

My question is, that the Catalyst swith has DHCP enabled by default? I can't configure the switch because I don't know to do it, but if I must I will, but i need to know the default options for it. This is the only configurable swith here so i can't think any other problem source.

Thank You!
 
Solution
B
So what is giving out the 192.168.64.x addresses, the firewall I assume ?

I would bet it is the firewall giving out the 192.168.1.x addresses in error.

The next time you get a 192.168.1.x address on a pc issue ARP -a. You should see the mac addresses of the machine in the 192.168.1.x that gave you the ip. It most likely will be 192.168.1.1 but pretty much I would check out any mac address you see associated with any 192.168.1.x ip.

Still if the ISP configured all this for you they are the ones that are going to need to fix it especially if you have no access the equipment. You may want to ask them for read only access so you can at least look at the configurations.
Sort by date Sort by votes
B

bill001g

Titan
Aug 9, 2012
28,322
2,755
125,640
It depends on which exact model of 2950 you have not all even support dhcp server. I think only the emi ones does. That switch is very old so I forget what features are supported on what devices.

By default the switch is the same as a dumb switch with all port assigned to a single vlan. It generally goes not even have a IP address or if it does it learns if via dhcp from your server. If it is running a dhcp server someone would had to configure it.

You could be in for a lot of work if someone else configured this and has also put passwords on it. Your first step is to get a console cable and see if you can get into the device. All you have to do is find a statement that looks like DHCP POOL and remove it.

It would be much more likely someone has a unauthorized router someplace. When one of the machines gets the wrong ip see if you can get the mac address that is associated with the dhcp server. It should should show up with the ARP -a command.

The mac address of the switch is printed on a tag someplace so you can tell if it is the switch.

If I remember correctly that switch has the ability to block invalid dhcp servers with a feature called dhcp snooping. So if someone plugs in a router with dhcp in your network the switch will block it. It tends to be a very common feature to have activated in a large company because someone always is plugging in stuff they are not suppose to.
 
Upvote 0 Downvote
G

GoultySoul

Distinguished
Apr 1, 2015
70
0
18,630


The thing is that I have an ISP firewall and the cisco switch configured by the ISP. (no server sadly, but i working on one) I can configure another switch to repleace the cisco, but that's not easy. The firewall has a trunk port (port 0) which is synchronized for specific ports of the switch to provide the communication between our network and the internet. the firewall has some ports that give 192.168.1.* IP but we don't use them now. So i thought the switch gives the .1* IP. But since U pointed out that the switch itself is dumb by default, so my guess is wrong. If i set a static IP for one of the PSs it will cause ip collusion (i experienced that a few times), because there is no server to manage the IP. I have to contact the ISP then.
 
Upvote 0 Downvote
B

bill001g

Titan
Aug 9, 2012
28,322
2,755
125,640
So what is giving out the 192.168.64.x addresses, the firewall I assume ?

I would bet it is the firewall giving out the 192.168.1.x addresses in error.

The next time you get a 192.168.1.x address on a pc issue ARP -a. You should see the mac addresses of the machine in the 192.168.1.x that gave you the ip. It most likely will be 192.168.1.1 but pretty much I would check out any mac address you see associated with any 192.168.1.x ip.

Still if the ISP configured all this for you they are the ones that are going to need to fix it especially if you have no access the equipment. You may want to ask them for read only access so you can at least look at the configurations.
 
Upvote 0 Downvote
Solution
G

GoultySoul

Distinguished
Apr 1, 2015
70
0
18,630


thank you for the help. I'll try out the ARP -a and we'll see.
 
Upvote 0 Downvote
G

GoultySoul

Distinguished
Apr 1, 2015
70
0
18,630
"I would bet it is the firewall giving out the 192.168.1.x addresses in error."

This and the APR- a tip helped me a lot!

Apparently the two Cisco routers had DHCP enabled on them, which i didn't know about. I disabled the dhcp on them, and it seems the problem is solved.

Thank you bill001g!

 
Upvote 0 Downvote
You must log in or register to reply here.

TRENDING THREADS

Latest posts

Share this page

COMPANY
RESOURCES
FOLLOW
Top Bottom