Do you have a live port that wasn’t documented? Normally if you had a huge budget you might have a Fluke device on hand. Unfortunately, not everyone can afford a Fluke Testing Device.
For this article, you will need to have a laptop with Wireshark installed.
Plug in the laptop and start Wireshark. Once you start Wireshark you will want to start the packet capture on the network card that is attached to the port in question.
Once you see that traffic is flowing you should enter the “Filter Expression”:
If you leave Wireshark up and running long enough you will see only the CDP packets start to come in.
The CDP packets will tell you many things. Some of the most useful things are:
- Device ID – This is the name of the switch
- Software Version – Firmware Version of the switch
- Addresses- IP address of the switch
- Port ID – The switch port the computer is plugged into
- Cluster Management
- VTP Domain info
- VLAN info
- Duplex Info
- Management IP address of switch
Here is what you might see:
Once you have one packet captured that is all you will need. Stop the packet capturing and take a look at the first packet.
There will be 4 Main sections of the packet. The section we are going to care about is: “Cisco Discovery Protocol”.
If it isn’t already open please do so now. Scroll down until you see:
Depending on the make and model you might see FastEthernet, GigabitEthernet or just plain Ethernet. The 1/0/4 says the name of the port on the switch!
NOTE- You could also write down the MAC address of the laptop, log into the switch console and look the Mac Address up in the ARP cache. What is nice about the Wireshark method is that you can get this info without having login credentials for the switch!.
Let me know if you have any issues.