Switches, Hubs, and Modems
cancel
Showing results for 
Search instead for 
Did you mean: 

4000m and IP Changes

Dave Jones_10
Occasional Visitor

4000m and IP Changes

We recently readdressed our network to a 192.168 range but now find that the 2 4000m's in our network keep trying to access addresses on the old 195.216 range. Our firewall is blocking them but I would like to stop this.
I have corrected the addresses for SNMP although I can't delete one (which no longer exists) but still the switches try to access the old IP range.

Also is it possible to find where a pc that has a 169.x.x.x address is physically connected to our network - it seems the user has yet to notice that their pc doesn't work (for the last 2 months). I have tried toptools but it doesnt find this pc.

Thanks
3 REPLIES
Ron Kinner
Honored Contributor

Re: 4000m and IP Changes

I can't help you much with the first question except to say go back over the config and see where it still has the old addresses. Can your firewall tell you what port it is trying to reach? Maybe the time service? Which address can you not change or delete?

On the second one, just take another PC and assign it an IP address in the same range as the rogue and plug it into the switch. Now ping the bad IP address. If you get a reply then quickly get the MAC of the bad one with arp -a. You should then be able to find the port that the MAC is on.

Ron
Arimo Laine_2
Valued Contributor

Re: 4000m and IP Changes

Hi.

The switch should not try to access any IP addresses anyway, it's a strict layer2 device. What makes you think that the switch is trying to do it in the first place? Is it only the firewall logs or do you see something in the switch logs as well, something like "Unsolicited ICMP echo reply from..." or some TFTP errors?

Arimo
Jerome Henry
Honored Contributor

Re: 4000m and IP Changes

Now that I'm a magician, I can tell you something :

The 169.x IP you see is a win98 or 2K computer... running DHCP client... and unable to find the DHCP server ! That range is reserved by Microsoft for this case.

When you will have found it, using friend's tip, check its configuration !

As far as your first question is concerned, I join Arimo on that, thinking that some machine somewhere still use the old range, and the switch just let resquests pass thr, which is their job.

You can set ACL up to forbid that, but best solution would be to use some kind of ipcscan.exe tool to se which machine is using these IPs, to change them...


hth

J
You can lean only on what resists you...