Invalid IP configured in Enterasys VH-2402S

  • 0
  • 1
  • Problem
  • Updated 2 weeks ago
  • In Progress
I have acquired an Enterasys VH-2402S switch. I am unable to communicate with it using console management port via puTTy (black screen/no response) or any other method. I had no idea of the IP configured in this switch. After some thought, since I acquired this switch from a network guy, who also did not know the IP, suggested I try a range of IPs in the 172.22.xx.xx range since it came from his company. Using AdvanceIP Scanner I was able to determine the configured IP address of the switch is 172.22.xx.255. Wow. This is an invalid IP I'm sure, and is preventing me access to it via CLI / ethernet cable. How do I gain access to this switch? I asked that network guy and just got a shrug and statement that I probably can't. It's almost like he knew it and wasn't bothering with it... Anyway, any ideas on how I can get access to this switch to change the IP to make the switch useful? Thnks!
Photo of Dale

Dale

  • 230 Points 100 badge 2x thumb

Posted 4 weeks ago

  • 0
  • 1
Photo of Tomasz

Tomasz

  • 870 Points 500 badge 2x thumb
Hello Dale,

what is the console cable you are using, is it a crossover? What are the serial connection settings?
Asking just to make sure this is set up correctly and the console interface is still healthy.

Regards,
Tomasz
Photo of Dale

Dale

  • 230 Points 100 badge 2x thumb
Understood. I was given the cable by the company that had the switch. It is a blue flat ribbon-like cable with writing: AWM Style / 20251 / E129757 / 60degree C / 150v / 26AWG / Lorom / CSA. They have sort of like ethernet ends (RJ45?). But these ends clip into COM port adapters. I have only one COM port on the PC (COM1). One end to that. The other end into the console management port in back of the switch. PuTTy settings I used were: serial / COM1 / 9600 / 8 data bits / 1 stop bit and XON/XOFF for flow control. I have also tried different baud rates and changed flow control to none as well. I am somewhat familiar with puTTy and know telnet pretty well. I have also configured ethernet adapter in an attempt to access the switch via browser using ethernet cable. But of course, this simply returns invalid_address_IP, even if I fool with the mask numbers. I even tried an SSH session a couple of times since I know what the IP is now in the switch but that doesn't work either. I have configured a network switch in the past so am some familiar with a serial session. But I think somehow this configured invalid IP is not allowing me to get into the switch.  I really would like to use this switch if I can overcome this barrier. Thanks for checking this post! /dale
Photo of Robert Cummins

Robert Cummins

  • 582 Points 500 badge 2x thumb
Why do you think a 172.22.XXX.255 address is an invalid address? 
With regards to gaining access - what ports are open on the switch?   Since telnet and ssh are common remote access programs, what's returned from nmap -p 22,23 <address/name_of_switch>? 
Photo of Dale

Dale

  • 230 Points 100 badge 2x thumb
Robert, I installed nmap/zenmap. I admit I am not sure I did your suggested command line right. I used the zenmap GUI and also dropped down to the nmap command line via CMD. Anyway, some snips attached.

Photo of Robert Cummins

Robert Cummins

  • 582 Points 500 badge 2x thumb
Sorry, when I said <IP_address/name> I should have said <IP_address|name>, you can use the IP_address or name of the device (if it's in DNS/resolved by name).   

nmap can scan an entire network.   The syntax for you would be nmap -p 22,23 172.22.34.0/23   Note, it will not scan the broadcast address of the network.  That's why I suggested setting your network address to say 172.22.34.254/21.  Don't worry about a gateway.   Run nmap -p 22,23,80 172.22.32.0/21 and wait.  you will scan for sshd, telnetd, and httpd from 172.22.32.1  - 172.22.63.255... IIRC; it's at least beyond 172.22.35.255 which is what you want.    You want 172.22.35.255 to be a host address on the network.  
Photo of Dale

Dale

  • 230 Points 100 badge 2x thumb
Because of the Mask setting I was told from the network guy. 255.255.254.0. I confirmed the IP range they used 172.22.34.0/172.22.35.xxx. I don't know nmap but am checking it out now. Attached is how I determined the IP of the switch. Strangely it says the manufacture of the switch is Dell!
Photo of Ronald Dvorak

Ronald Dvorak, Embassador

  • 48,638 Points 20k badge 2x thumb
I'm pretty sure that that is the MAC of the notebook that was used for the test.
.255 is the broadcast address in the /24 network
Photo of Ronald Dvorak

Ronald Dvorak, Embassador

  • 48,894 Points 20k badge 2x thumb
You'd run wireshark to capture packets from the swtich - If the switch has a default gw configured you should see his IP.

e.g. my switch has .151 and is looking for the default gw of .254

214 26.557654 ExtremeN_8b:d2:98 Broadcast ARP 60 Who has 172.25.25.254? Tell 172.25.25.151

But I still think the best way to access the switch is the console e.g. if the switch has no IP - right now we only assume there is one configured

Here the console port settings of the switch...
Configure the terminal to the following communication settings:
VT100 emulation, 19200 baud, no parity, 8 data bits, 1 stop bit, no
flow control, ASCII character set
Photo of Ronald Dvorak

Ronald Dvorak, Embassador

  • 48,894 Points 20k badge 2x thumb
So it's 19200 baud instead of the 9600 that you've used before.
Photo of Dale

Dale

  • 230 Points 100 badge 2x thumb
Yes. I did try this baud rate. But I have tried so many things now, I think I need to start writing some stuff down... I will try again
Photo of Dale

Dale

  • 230 Points 100 badge 2x thumb
I redid this and still receive a black screen in putty with no response from the switch. I have also pressed enter a couple of times to see if that would bring up response. Nothing. It was suggested to me previously to unplug the switch while putty was still up and the serial cables attached and then plug the switch back in. Apparently sometimes this will bring a response in the console, but that does't do anything either; still a black screen in putty.
Photo of Robert Cummins

Robert Cummins

  • 582 Points 500 badge 2x thumb
You'll only see the switch/router if it sends out a packet.  If this is an inband IP address of a switch, it will not send a packet out unless it is trying to reach a log host, time server, or some kind of authentication server.   If it is a router, it will send out ARP requests if it has a packet for a system that should be on its network for which it does not have a MAC address in the ARP tables.   
FWIW,  I'd use nmap, scan a network and search for open, known ports of the device in question, i.e.  if you suspect it is on 172.22.34.0/23 and the device supports http management, nmap -p 80 172.22.34.0/23 and wait for it to find the device.  You can then target for additional services at the specific address.  
Photo of Dale

Dale

  • 230 Points 100 badge 2x thumb
Oh, I think you are right about the MAC and it doesn't match the MAC on the back of the switch. I can say that the PC in not currently connected to any network or internet, just standalone for this switch thing...
---just got nmap installed, will be looking at that now...
Photo of Robert Cummins

Robert Cummins

  • 582 Points 500 badge 2x thumb
Yes, if the network is 172.22.34.0/23 then the broadcast is 172.22.35.255 and that's a problem as the switch is at the broadcast address of the network.   Typical tools like ssh and telnet are not going to work w/ a broadcast address....but... you can fool them!   If you're isolated here, set the net mask on your system to a /21 and pick an address in the 172.22.32.0/22 range (actually, you need to assign the address on the same network as the target system, based on what its network and mask are.  You need this connection to be switched and not routed otherwise it won't work.  I'd pick 172.22.35.254/21; the network needs to be large enough that 172.22.35.255 is not the broadcast address for the network; 172.22.32.0/22 has a broadcast 172.22.35.255; 172.22.32.0/21 has a broadcast of 172.22.63.255).    You'll need to modify your network connection before using nmap as I don't think nmap works with a broadcast address; at least I've never tried it.
Photo of Dale

Dale

  • 210 Points 100 badge 2x thumb
I'm going to print this out Robert. I think I follow it up to a point. I will give it a go and report back. Thanks!
Photo of Robert Cummins

Robert Cummins

  • 582 Points 500 badge 2x thumb
I think I'm off on the broadcast for 172.22.32.0/21; it's 2^11 host IPs and the network changes every 2^3 or 8; so the next network is 172.22.40.0/21 and the broadcast would have been 39.255; apologies for the math mistake.  

The idea is to make the target address on the same IP network as your device and not a broadcast address.   If it is on the same IP network then the connection is switched instead of routed.    Switches do not care about IP addresses, they only care about MAC addresses.  I've used this technique many times to "recover" a machine w/ the wrong IP address for the VLAN to which it is attached though I've never had to try it with a broadcast address; most sane OSes will not allow you to assign a broadcast address to an interface.   

If the switch thinks its address is the broadcast address it may not respond to the ARP request for 172.22.35.255; if that's the case you'll have to populate your ARP table with the IP address/MAC address of the switch and it still may not work but it's something to try.  
Photo of Dale

Dale

  • 230 Points 100 badge 2x thumb
Perhaps, there really is something wrong with the switch? The supposed configuration was 172.22.34.13 / 255.255.254.0 /172.22.34.9 (.9 being the gateway). After badgering the guy I got this from he says his only knowledge of the switch was the above recorded config he had in his files but he says it was misconfigured (he didn't know to what). When I mentioned the .255 I found thru AdvancedIP scanner, he said maybe... I'm not sure I'm getting straight answers from him, but regardless it would be useful to me if I could make this switch work. Thanks all for taking an interest in this problem. I'm going to try the wireshark thin now...
Photo of Dale

Dale

  • 230 Points 100 badge 2x thumb
I'll be back with this more and respond with some results on 8/29. Thanks all. It really is appreciated! /dale
Photo of Robert Cummins

Robert Cummins

  • 582 Points 500 badge 2x thumb
Did nmap find anything @ 172.22.34.13?  If not, then that's not the address of the switch or the switch isn't supporting common access protocols like telnet, ssh, or http.  You might also try https (443), though at this point you might want to find a way to reset the switch to some kind of factory default.   
Photo of Dale

Dale

  • 230 Points 100 badge 2x thumb
I'm just starting on this again today. Actually, I have searched high and low; googled, Binged, looked at manuals, etc to see if there was a way to reset to factory default. Since Enterasys is now Extreme Networks most web links point to it's website and knowledge base where I found nothing concerning resetting the switch. I would love to reset!
Photo of Dale

Dale

  • 230 Points 100 badge 2x thumb
No nmap didn't find .13. Based on my previous info about this switch, I really do believe this thing is set at .255
Photo of Dale

Dale

  • 230 Points 100 badge 2x thumb
I think I have now confirmed the switch IP Address as .255. Attached is nmap result and the way I configured the network adapter. With this result I tried an ethernet cable from PC to switch but it doesn't come up. Not sure where to go from here...

Photo of Robert Cummins

Robert Cummins

  • 582 Points 500 badge 2x thumb
Are you connected directly to this switch?    I agree that it appears the switch is @ 172.22.35.255.   Unfortunately, you have likely set this up to be routed and not switched and this is why.
The switch has a netmask of /23 right?  You believe it is 172.22.35.255/23; that makes the network 172.22.34.0 and the broadcast address 172.22.35.255.   When the switch replies to your packets it needs to send them to 172.22.32.15, which is not in its IP network so it will send the packet to the router.   Now, if the router manages the IP network that contains 172.22.32.15, it will forward the packet to the appropriate VLAN for delivery to your system, if it doesn't then it sends it on to another router based on its routing rules.  
To have a chance here you need to:
  • plug into the switch directly
  • configure an IP address on the same IP network as the switch (we think it is 172.22.34.0/23; it could be 172.22.35.0/24).  The best address to use is 172.22.35.254/21 - why?  B/c this address will be on all networks as 172.22.35.255 sans 172.22.35.255/32 and it is the first network (172.22.32.0/21) where the address 172.22.35.255 is not the broadcast address for the network. 
It's important here that the two devices be on the same VLAN and in the same IP network.  In your setup above the switch is on the same IP network as your system *as viewed from your system* but your system is not on the same IP network *as viewed from the switch*

Make sense?
Photo of Dale

Dale

  • 230 Points 100 badge 2x thumb
I need to digest this... It seems I may not be plugging in the right stuff. I'll keep plugging away. Thanks!

Oh, also to answer you specific question. I am currently plugged into the switch via serial and ethernet PC to Switch.
(Edited)
Photo of Dale

Dale

  • 230 Points 100 badge 2x thumb
I have now ran wireshark and got these entries. I don't really know what it is telling me especially concerning the switch. I'm just looking for clues on how to get into this switch.

Photo of Dale

Dale

  • 230 Points 100 badge 2x thumb
I'm not quitting on this but I do have to put it aside so I can catch up on other work. I think I have some very useful information to keep trying. I promise to be back soon with additional findings or success. Does anyone have any thoughts of me trying serial access to the switch by rigging up modem access to it? My thought here, and somewhere in my searches, I saw a document that showed AT commands that talks with the switch. I haven't fooled with AT commands since the modem days being the only way to the internet. But I can do it to try it. In some ways I don't see it as much different the PuTTY access, but I'm hoping the AT commands may provide a different way to get into the switch. Thanks all. I have been educated! I will be back with this. /dale
Photo of Dale

Dale

  • 230 Points 100 badge 2x thumb
9/10/18. I found sometime to work on this IP switch problem. I understood Robert's suggestion of making the network "bigger" to allow the .255 broadcast IP to not be a broadcast IP. I have only limited success tho. Before, my connection attempts would result in "fail to resolve" the IP. I am past that but now I get "connection time out" messages. I can now ping the switch .255 (before I couldn't); scanners find the switch, it is in ARP, etc. The serial console still fails to respond using serial, telnet or SSH. I am starting to think something is wrong with the serial console card in this switch. Other ways in connecting was tried such as ethernet cable but it results in connection timouts too. Just looking for any more thoughts, suggestions or ideas on this... Thanks. /dale
Photo of Steffen Schwade

Steffen Schwade

  • 230 Points 100 badge 2x thumb
Attach a VT100 compatible terminal or a PC running a terminal emulation
program to the serial port on the Management Module. Use the nullmodem
cable provided with this package, or use a null-modem
connection that is compatible with the console port pin assignments
shown in Appendix A of the VH-2402S2 Hardware Installation Guide.
Do not use X.X.X.255 for IP Address