Networking in a small office

[Ragnarb]

I've recently begun working at a small office and they've asked me to look into how their network.. works. I'm not the first person I'd call when you have a networking problem, in other words, my knowledge of it is very limited, so I'm wondering what the best way to go about it would be.

There is a "central location", which has.. all sorts of cables connected into the wall. The thing it connects to on the wall is.. some sort of a board, which the guy that handled it before called "T3", and on it each hole is named "T3.1", "T3.2", and so on. From there I presume it connects to the sockets in the walls, which are also named T2-T3 something. Interestingly though I found no similar board called "T2", but the wall has several T2.x sockets.

In that same room, there's some Cisco 800 series device that blinks, and I can't quite tell what connects to it. I realize this information may not prove to be very adequate, but the device/board/cables are very hard to reach, and I was wondering if you could tell me (by some guesswork perhaps), how this all works?

I'm more than willing to take a look at any single object that may be in that room (or elsewhere), I just need to know which bits are important and what they do. My instructions weren't very specific, I was simply asked to "get into it".

 

[Comblues]

First things first...

1. Picture of it "as-is" - You can refer to this later.
2. Inventory - Asset Numbers, Make/Model, Serial Number - Gotta know what you got and it will give you some deliverables to show the boss.

3. Ask for the telco contracts.

4. Draw those sockets in a program like Visio (diagrams).

After that I need to know do you know the Cisco IOS for that 800 and which device is terminating that T3, etc?

Um....

Truthfully you may be over your head by the sounds of it. I know you kind of said this already.

Any chance you need a remote consultant to help you out a little?

Ask for the documentation and the computer of the previous person who maintained this equipment - you might find a lot of useful information this way.

I'd say run a port scan across your network and figure out what the internal network is doing.

There's so much to convey to you and some it probably won't make much sense.

Comblues

 

[Ragnarb]

I'm fairly sure that this is what I referred to when I mentioned the Cisco 800 series device:

http://www.cisco.com/en/US/products/hw/routers/ps380/index.html

So a simpler question would be, what does this do/why would you need this device?

"They facilitate consistent IT policy management across all devices." - Is a device like this really needed in an office of.. ~10 people?

Edit: Thank you for your reply, I'll get to it in a brief moment, didn't see it before this post.

 

[rsutoratosu]

That looks like the device my local company provides for data & voice. Who's your telco provider ? find out and that might answer the question of having that cisco 800 box

 

[Ragnarb]

That looks like the device my local company provides for data & voice. Who's your telco provider ? find out and that might answer the question of having that cisco 800 box

Will do that, regarding the VoIP, don't most routers support that? If not all?

 

[Mushkins]

Ask for the documentation and the computer of the previous person who maintained this equipment - you might find a lot of useful information this way.

This was my favorite part of walking into a nearly identical situation on day one of a new sysadmin job.

My second favorite part was their answer: "what documentation?"

 

[Ragnarb]

This was my favorite part of walking into a nearly identical situation on day one of a new sysadmin job.

My second favorite part was their answer: "what documentation?"

Yeah, no such luck here either. :/

I've been reading up a bit on wireless networks so far but I guess my next move will be to find out what devices we're using, and to find out where all those cables are going. After that I have some googling to do I believe. I do believe I'm in way over my head if anything goes wrong at this point. But so far the only thing that has happened I've heard is that a cable got disconnected, and the guy who handled it before me just guessed where it was supposed to go.

 

[alkemyst]

Yeah, no such luck here either. :/

I've been reading up a bit on wireless networks so far but I guess my next move will be to find out what devices we're using, and to find out where all those cables are going. After that I have some googling to do I believe. I do believe I'm in way over my head if anything goes wrong at this point. But so far the only thing that has happened I've heard is that a cable got disconnected, and the guy who handled it before me just guessed where it was supposed to go.

If you dont have the topology, your first order of business would be to get the physical network mapped out and then the logical version of it.

I'd make a backup of all the configs and VLANs as this was done.

Build all your changes / fixes on paper first and then implement.

 

[Comblues]

Ok - What model is that 800 router?

I'm supposing that T3 is probably not a proverbial T3 Circuit. It's probably a cross-connect to another patch panel in the building or somewhere else.

Do you know how to perform Cisco Password Recovery on the Router?

If not, then start there.

If you want to let me know when you are at the router or can be and what timezone you are in, we can walk through it using the forum and some others can benefit from the experience.

Also - do you have a terminal emulator - I love SecureCRT but Hyperterm is available on older Windows computers and then there is always a freebie download of Putty.exe to use for the task at hand.

We'll need to work off-hours so plan for it with the company.

We are going to have to power cycle the router, perform a password recovery, copy the config to the flash and print it, change the password back, fix the config register to boot correctly (config-reg 0x2102) and then watch this puppy boot back correctly.

Then we need to test connectivity with the network - don't want to get you fired the next day if something does not work correctly.

And voila! You are on your way to being a network admin and learning about that monster of an undocumented network you've just inherited.

FYI - If you want to work with me here's what I can do for you to help you out.

1. Command and Control of that 800 series router.

2. Backup that Router for starters - we may need it later.

3. Give you a spreadsheet documentation tool to record what you have at a glance. (I made this template and then I created a nice spreadsheet that I use as a tool to help manage a lot of device)

4. Setup a syslog server daemon on your network somewhere to get some alerts from at least this router.

5. Install a copy of Kiwi and collect that config and make routine backups every time the config changes.

6. Introduce you to PRTG so you can collect some performance statistics - This means you'll learn about how to configure SNMP (Simple Network Management Protocol).

7. Set the time/date on the router so your logs mean something.

8. Ensure that telnet/ssh is enabled so you can work on that little beast remotely.

9. Introduce you to network discovery so you can figure out if there are more devices you have to be responsible for on that network.

10. Introduce you to Visio or another network drawing program so you can document what you have.

11. Got a phone with a camera - I like pictures and they help me to help you create this documentation you need very badly and to help keep you sane.



How many employees did you say you have?

You can thank me after we save the day and help save you a perfectly good job.



Anyone else got a better offer for our friend?

Comblues

 

[Ragnarb]

Ok - What model is that 800 router?

I'm supposing that T3 is probably not a proverbial T3 Circuit. It's probably a cross-connect to another patch panel in the building or somewhere else.

Do you know how to perform Cisco Password Recovery on the Router?

If not, then start there.

If you want to let me know when you are at the router or can be and what timezone you are in, we can walk through it using the forum and some others can benefit from the experience.

Also - do you have a terminal emulator - I love SecureCRT but Hyperterm is available on older Windows computers and then there is always a freebie download of Putty.exe to use for the task at hand.

We'll need to work off-hours so plan for it with the company.

We are going to have to power cycle the router, perform a password recovery, copy the config to the flash and print it, change the password back, fix the config register to boot correctly (config-reg 0x2102) and then watch this puppy boot back correctly.

Then we need to test connectivity with the network - don't want to get you fired the next day if something does not work correctly.

And voila! You are on your way to being a network admin and learning about that monster of an undocumented network you've just inherited.

FYI - If you want to work with me here's what I can do for you to help you out.

1. Command and Control of that 800 series router.

2. Backup that Router for starters - we may need it later.

3. Give you a spreadsheet documentation tool to record what you have at a glance. (I made this template and then I created a nice spreadsheet that I use as a tool to help manage a lot of device)

4. Setup a syslog server daemon on your network somewhere to get some alerts from at least this router.

5. Install a copy of Kiwi and collect that config and make routine backups every time the config changes.

6. Introduce you to PRTG so you can collect some performance statistics - This means you'll learn about how to configure SNMP (Simple Network Management Protocol).

7. Set the time/date on the router so your logs mean something.

8. Ensure that telnet/ssh is enabled so you can work on that little beast remotely.

9. Introduce you to network discovery so you can figure out if there are more devices you have to be responsible for on that network.

10. Introduce you to Visio or another network drawing program so you can document what you have.

11. Got a phone with a camera - I like pictures and they help me to help you create this documentation you need very badly and to help keep you sane.



How many employees did you say you have?

You can thank me after we save the day and help save you a perfectly good job.



Anyone else got a better offer for our friend?

Comblues

Thank you for that, I am leaving work now but I might be available to go through this some day soon. My timezone is GMT. Though I have to wonder whether this offer is too good to be true I've never seen anyone so willing to give someone a hand that they'll offer to help them go through a company's network step by step, what's in it for you? ^^

 

[Comblues]

I've got no dogs in this race. If you do the job or don't it's not my business.

I've helped people like this plenty - sometimes paid and sometimes not.

I once had a guy tell me that if I took the $500.00 I charged him for the work I did remotely, he'd have bragging rights cause of my name. Funny but true. That's what he told me he told his wife. She questioned him paying me to work with him remotely like this.

I've taken former coworkers and helped them literally one on one at a coffee shop. bookstore, restaurant, or even in a park and logged into their networks to fix the world for them.

I've done this for small networks like yours and for networks as large as a college campus with the Cisco Nexus Platform and Outdoor Wireless Bridging for example.

I like to help using forums like this one, since we can help others in a similar situation.

I scrub the data/information so nothing private is open to the public - down to the IP Addresses and MD5 hashes for example.

I've heard that no one does what I do before. I can't account for the actions of others and their time and commitments. I can offer to some sometimes and I do when I can. Sometimes I have my own issues to contend with and sometimes I have time to help others.

So the term "don't look a gift horse in the mouth" kind of comes to play in cases like this.

Another thing is that I offer to share the learning opportunities with others.

I have the particular skill and experience do what I'm saying and help you. I do this for a living too.

Sometimes people ask me for more than just friendly help and it delves into the realm of doing their work for them. If I have to work, then I have to be paid.

Otherwise it is just friendly help from one person to another.

Simple as that.

Comblues

 

[Ragnarb]

I've got no dogs in this race. If you do the job or don't it's not my business.

I've helped people like this plenty - sometimes paid and sometimes not.

I once had a guy tell me that if I took the $500.00 I charged him for the work I did remotely, he'd have bragging rights cause of my name. Funny but true. That's what he told me he told his wife. She questioned him paying me to work with him remotely like this.

I've taken former coworkers and helped them literally one on one at a coffee shop. bookstore, restaurant, or even in a park and logged into their networks to fix the world for them.

I've done this for small networks like yours and for networks as large as a college campus with the Cisco Nexus Platform and Outdoor Wireless Bridging for example.

I like to help using forums like this one, since we can help others in a similar situation.

I scrub the data/information so nothing private is open to the public - down to the IP Addresses and MD5 hashes for example.

I've heard that no one does what I do before. I can't account for the actions of others and their time and commitments. I can offer to some sometimes and I do when I can. Sometimes I have my own issues to contend with and sometimes I have time to help others.

So the term "don't look a gift horse in the mouth" kind of comes to play in cases like this.

Another thing is that I offer to share the learning opportunities with others.

I have the particular skill and experience do what I'm saying and help you. I do this for a living too.

Sometimes people ask me for more than just friendly help and it delves into the realm of doing their work for them. If I have to work, then I have to be paid.

Otherwise it is just friendly help from one person to another.

Simple as that.

Comblues

Thanks for that, that's admirable. I grabbed some stairs earlier and learned a bit more of what things are up there:

The big router is A Cisco 800 Series, Model Cisco 890.

In there as well is an OCC C5e box that has several cables connected to it.

There is also a Fast Ethernet Bridge. 10/100base-TX to 100Base-FX with a single cable or so, not entirely sure what this is for.

Then there's a Fast Ethernet Switch TE100SB from Trendnet. From a quick glance I gather that some cables are connected to that, and it in turn seems to be connected to the Cisco router.

Could you shed some light as to how these components might make up the network? I have some general idea but I'd appreciate some reassurance.

 

[Ragnarb]

More details on the OCC box:

One end seems to be connected to the Bridge, which in turn is connected to the router. The other end exits the room through the wall.

All the cables that are connected to the OCC box are then connected to a Switch that is connected to the router.

Each socket in the OCC box is marked with T3.x (where x is an increasing number). A few aren't connected.

I went and documented where each socket as, and found a few that weren't in that room, and after further inquiries about that I was told about another closet on the other side of the floor, which I have yet to check out.

Edit: I have a fair bit of more information regarding the physical topology which I'll be posting soon.

I'll also be starting by connecting all the sockets that aren't currently connected (about 1 out of every 2 of them)