1. Home
  2. Cisco Systems
  3. Ideas on showing real IP address

Ideas on showing real IP address

Hi everyone - I'm going to be deploying several thousand 871s (12.4.15T1) using Zero Touch Deployment. Each router will have internet connectivity via some broadband service. I'm also going to be using SCEP to enroll each router to our PKI infrastructure. In order to do SCEP enrollment, our RA requires the router's public IP address. We're going to be sending techs out to each site, and I'd like to setup an IOS menu for them that will have an option to display the router's fast4 IP address. In some cases, the router will get a public address directly, in other cases it will be a private IP address. If fast4 does get a public address, I could solve this easily with a show ip int brief fast4, but if it gets a private address, that command won't do a whole lot of good.

Besides having the tech connect their laptop to the router and browsing to a website like myipaddress.com and reading the results, can anyone think of a good way to get that info via a cli command (or aliased command) so I can make a menu item for it?

The farthest I've gotten was to telnet to checkip.dyndns.org on tcp

80, and if I issue a GET, it will show the IP address (and other html code), but I'm not sure how to put all that together in a single command that could be executed via cli.

TIA.

Reply to
ledhed
Loading thread data ...

I'm not really sure what your issue is. "show ip int brief" will show the IP address of the interface, even if it is a private address.

Reply to
Thrill5

I think at that IOS level, that IOS support onboard TCL scripts which might allow you to accomplish your objectives

formatting link

Reply to
Merv

quoted text -

I don't know if this might assist or not however I have on a few occasions determined the IP address of remote routers by sending them out with NTP configured to point to our internet firewall and checking the firewall logs for the traffic. This is OK for a small number of routers but would be useless for more than I few I think.

If you were to dig into it you might find a way to get the router to send you something identifyable (name, internal IP address from some snmp trap or syslog message.

This assumes that you can get some kind of config on it, I don't know what Zero Touch Deployment is.

Reply to
Bod43

Merv's tcl script idea is a good one.

If you don't mind doing a little coding, you could write a tiny little TCP server that simply does the following:

- listens on some TCP port

- accepts an incoming TCP connection from that socket

- finds the peer's IP address - do a gethostbyaddr() on it for good measure

- writes that value out to the socket

- closes the connection

Then your menu command would just do a telnet /stream to your server's TCP port.

This would be a very simple C program if you're up on socket programming, or no doubt an even simpler perl script.

Aaron

Reply to
Aaron Leonard

Does the Cisco Secure Device Provisioning feature have any relevance to what you are trying to do ?

Cisco IOS Security Configuration Guide, Release 12.4T Setting Up Secure Device Provisioning (SDP) for Enrollment in a PKI

formatting link

Reply to
Merv

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.