Finding all MAC addresses in a Network and finding the vendor

I am currently on a task wherein I have to identify two VoIP phones connected on our LAN and have to configure them to work as part of our 3CX phone network. The starting part of course is to find the MAC addresses of the two IP Phones. So after a few minutes of searching I became aware of Colasoft MAC Scanner a relatively good tool which created a list of all machines on our LAN listing them by their IP address, MAC address and domain name. From the list of machines I saw two machines with identical OUIs (Organization Unique Identifier), aka first 6 hexadecimal numerals of the MAC address. To confirm the finding I searched for the vendor licensed to manufacture with this OUI at

http://standards.ieee.org/develop/regauth/oui/public.html

And voila!! These MAC Addresses were assigned to a VoIP Phone manufacturer!

So the basic premise of the post is if ever you get a MAC Address and you find the need to determine the manufacturer of the device, use the above link. 

Sharepoint not starting - Error 503

At our office network we have a Sharepoint Server which also serves as the VPN Connectivity for the Office LAN. Since we use Sharepoint for centralized management of several documents and tasks it was a blow when the Sharepoint crashed.

An Error 503 message kept on coming whenever I browsed to the Sharepoint page from my PC. Seeking to troubleshoot it, first I restarted the Sharepoint Server taking care to do so by remoting in from our Exchange Server to which I had remoted in via its Public IP address. The Sharepoint server restarted but the issue persisted.

On suggestion from my boss I inspected the Sharepoint Services in Services.msc . There I found that a few of the Sharepoint related services had not started even though they were on Automatic. Some of them were manually started but the rest refused to restart. It was then that I became aware of the fact that the central account passwords for our domain had been changed just a few days ago. So as instructed by my boss I went to the Properties of each service and in the Log On section if the Logging in credentials was no local or network and in fact used a domain user account, I changed the passwords.

After changing the corresponding passwords for all the services, I once again restarted the services and all the Services started running properly. But the sharepoint was still down. At this moment I went to the Server Manager of the Windows Server 2008 R2 machine and saw that there were some errors in the Web Services, an error whose diagnostic said about an Application Pool related to the Sharepoint site not running.

So I went to Web Services > IIS > Application Pools and as mentioned some of the Sharepoint related Application Pools were not running. I started them manually hoping that would solve the issue but again it did not. It was then that I got a brain wave and as I went to the Advanced Settings section in Properties of these Application Pools I saw that some of them were using special log in credentials exactly like those used by the Sharepoint Services in Services.msc. So I changed those log in credentials for all Application Pools which had this special domain/user account listed with it and then I restarted those Application Pools.

Now the Sharepoint started working and issue solved

Windows XP / 7 LAN Connection overriding and cutting LAN Internet Connection

As part of my work I usually have to connect one or more VPN sessions and I used to find that be it my Windows XP PC or Windows 7 laptop after a while the VPN Connection shuts down my Local Area Network's internet connection which in turn causes the VPN connection to go off. First I tried disabling the Firewall on the AVG Internet Security 2011 which is always an irritation by changing of network profiles when I connect or disconnect to other networks.

Disabling of Firewall however provided only a short respite as though indicators are not coming my LAN connection is still being cut.

So finally I searched around and found this article.

Whirlpool.net

A few posts down I saw the correct suggestion to this error:

Properties>Networking>Internet Protocol Version 4 (TCP/IPv4>Properties>Advanced>IP Settings

Here the option named:

"Use default gateway on remote networks"

would be ticked. Disabling this feature would stop the error and VPN connection would not cut the LAN based internet connection.

So what I figure out from this is that when VPN is connected its session forces my PC to use its default gateway instead of the default gateway as provided by my LAN/ISP. Basically the VPN connection forces the machine to use the internet connection at the Remote Site's network instead of the actual gateway of my LAN to get internet. Basically a cart pulling the horse analogy.

Having corrected that option in both my Windows XP PC and Windows 7 Laptop I am able to use VPN comfortably. And yeah the AVG Internet Security 2011's Firewall is kept disabled while I work. Those profile changes are too irritating.

Windows Update not happening in 2003 Server ; Error number: 0x8DDD0018

While doing the monthly update on my client's server topology where I have to perform such as Windows Updates, Trend Micro status check and Symantec Backup check, I found that in one of the server running Windows 2003 Server the Windows Update was not happening. The following three error messages were being received.

Error number: 0x8DDD0018
 Automatic Updates, BITS,
and Event Log services must be started



Even though in the services.msc all these services were found to be running Windows Update was not happening. A thorough investigation through Google brought me to this page.

Tech Arena

As per its advice I ran the following command string from Command Prompt,

regsvr32.exe wuaueng.dll


And now the update window dialog started on the Internet Explorer browser and updates were completed.

Another detailed search on the above command string brought me to this link.

Yahoo Answers

Apparently the dynamic link libraries and Active X Controls which enable the Microsoft Windows Update mechanism to run on the Internet Explorer browser had to be restarted. The regsvr32.exe is the program that needs to be run and wuaeng.dll module enables Active X communication from the browser with Microsoft website.

Conficker Worm , Downad Malware

So today after several days of working on it, I finally managed to root out the Conficker Worm from my client's network. The Conficker worm is an easily spreading Malware which on subsequent generations become more and more deadly and dangerous, in fact even leading other Malware and Virus to gain easy entry into the networks.

The biggest evidence of your machine being affected by the Conficker worm is if your Anti Virus client does not get updated even if the the update dialog happens without event. If you monitor the Network Usage Statistics on your Task Manager while you are updating you will see that no network traffic is taking place when the Anti Virus is apparently updating. You can confirm your fears if you are able to visit all websites except websites of Microsoft, AVG, McAfee, Trend Micro, Symantec etc. The Conficker worm prevents web access to these web sites.

While several tools claim to remove this, the best method is to simply do this:

Run > CMD > net stop dnscache

By this flushing of DNS Cache you get a temporary window of opportunity during when you can successfully update your Anti Virus. If your network has a central Web Server, the preliminary updating should happen here as after updating its Anti Virus Client and scanning its directories for the Malware it can trigger updates to all the Computers under its network management.

Then you need to just update the Windows and problem solved.

First post and Introduction

This blog is basically going to be an account of my journey to CCIE aka Cisco Certified Internetwork Expert. It is otherwise known as the Doctorate in Networking.

Some of you may know or may not know what CCIE is, for the time being I can only refer you to the following articles to give you a basic idea of what it is. It is basically the ultimate in Cisco's heirarchy of networking certifications.

Cisco Certifications
CCIE Certification

More details and awareness about the complexities, requirements and hardships of CCIE you will explore with me in this blog as I pursue my target of achieving a CCIE in Routing and Switching, the track of my choice.

First of all let me tell you all of my own background. Living in Kochi, Kerala, India I am currently a CCNA (Cisco Certified Network Associate) Faculty at a networking education institution in Kochi. After completing my Electrical Engineering course from a premier engineering college in Kerala I joined a Safety and Security Systems Integrator company in Bangalore working in the fields of Fire Safety, CCTV, Access Control, Public Announcement Systems etc for two years at various sites in Bangalore and Kochi. Seeking a more competitive field I joined up at BSoft, Kochi to study CCNA.

As a rank newbie to the field of networking the very first day of class, the OSI layers had been pretty confusing to me. However I found it a very interesting field and thus my love and passion for networking began. I became a Cisco Certified Network Associate in August 2010. Immediately after getting certified, I was employed by Bsoft.

Being a faculty at this institute has given me some valuable perks which was not limited to free tutions in CCNP Route and Switch papers. Even while writing the CCNA exam and in the first few months of studying for CCNP - Cisco Certified Network Professional - I had no dream of appearing for CCIE. But as I finished my studies into CCNP I realized that it would be a more interesting challenge to try for CCIE itself! After a few weeks of contemplation and initial research here I am now about to embark on my CCIE journey.

In a couple of days I am planning to appear for my CCIE R&S Written exam after which the full fledged battle to prepare myself for the CCIE Lab exam begins. It is a journey which I hope to share here in this blog in the full hope that experienced veterans in the field of networking would be able to assist me and perhaps my own struggles may be valuable instructions to future CCIE aspirants.

Thus the CCIE Chronicles begins!!