Netgate Discussion Forum

    Ways to manage devices on network

    General pfSense Questions
      cheapie408 @KOM

      @KOM said in Ways to manage devices on network:

      @cheapie408 Yes, it's Windows-only unfortunately and would require a dedicated host to run on.

      I do have a Win PC that's on 24/7 which can serve this purpose.

      Based on what I see, you install the RouterOS in a VM environment then use the client to connect to it?

        KOM @cheapie408

        @cheapie408 No, just download the dude and install him under Windows. RouterOS is what the Mikrotik routers run on.

          cheapie408 @KOM

          @KOM

          According to the manual these are the requirements. If there's only one "The Dude", I've used this in the past at my work. But it's straightforward. I just set the IP range and scan the network and it just picks up everything. Perhaps I'm not downloading the right thing? These are the guys, right? https://mikrotik.com/download

          RouterOS:

          v6.34rc13 or newer
          Hardware:

          TILE devices;
          ARM devices;
          MMIPS devices;
          RouterOS x86 installations;
          RouterOS CHR environment

            KOM

            Click the The Dude pulldown box and select the version you want.

              cheapie408 @KOM

              @KOM yup that's what I downloaded (the latest version of the client). It wants me to connect to a server. :(

                KOM

                I haven't used it in a while, but it should work in standalone mode.

                  cheapie408 @KOM

                  @KOM

                  Unfortunately, Mikrotik changed their development of The Dude, which requires the dude server VM. Ugh!

                  https://forum.mikrotik.com/viewtopic.php?t=116451

                    johnpoz LAYER 8 Global Moderator

                    What exactly is the goal here? Do you just want a simple way to check if X device is on the network? Do you want to get alerts when some wifi device connects, or disconnects.. Do you want graphs of how long devices are up. Do you want to monitor their bandwidth usage?

                    You can install nmap if all you want to do is simple discovery, now and then to check for devices on your network that you might have forgotten about, etc.

                    [2.4.4-RELEASE][admin@sg4860.local.lan]/root: nmap -sP 192.168.9.0/24
                    Starting Nmap 7.70 ( https://nmap.org ) at 2019-07-23 09:29 CDT
                    Nmap scan report for 192.168.9.8
                    Host is up (-0.21s latency).
                    MAC Address: 00:1F:29:54:17:14 (Hewlett Packard)
                    Nmap scan report for n40l.local.lan (192.168.9.9)
                    Host is up (-0.21s latency).
                    MAC Address: 00:1F:29:54:17:15 (Hewlett Packard)
                    Nmap scan report for nas.local.lan (192.168.9.10)
                    Host is up (-0.16s latency).
                    MAC Address: 00:11:32:7B:29:7D (Synology Incorporated)
                    Nmap scan report for 192.168.9.11
                    Host is up (-0.21s latency).
                    MAC Address: 00:11:32:7B:29:7E (Synology Incorporated)
                    Nmap scan report for sg300-10.local.lan (192.168.9.98)
                    Host is up (-0.20s latency).
                    MAC Address: C0:7B:BC:65:4F:13 (Cisco Systems)
                    Nmap scan report for sg300-28.local.lan (192.168.9.99)
                    Host is up (-0.20s latency).
                    MAC Address: 70:6E:6D:F3:11:93 (Cisco Systems)
                    Nmap scan report for i5-win.local.lan (192.168.9.100)
                    Host is up (0.00010s latency).
                    MAC Address: 00:13:3B:2F:67:62 (Speed Dragon Multimedia Limited)
                    Nmap scan report for 192.168.9.101
                    Host is up (-0.21s latency).
                    MAC Address: 00:13:3B:2F:67:63 (Speed Dragon Multimedia Limited)
                    Nmap scan report for sg4860.local.lan (192.168.9.253)
                    Host is up.
                    Nmap done: 256 IP addresses (9 hosts up) scanned in 5.62 seconds
                    

                    You can do that in the diag section cmd prompt area too if you don't want to ssh to your pfsense box, etc. There is a gui for the nmap package - but it's not all that good.. just easier from cmd line.

                    Or you could install that arp-scan package as well.. It does provide nice output... You could install the arpwatch package..

                    There are many ways to skin the monitor/discover my network cat... But the devil is in the details of what you are actually wanting to accomplish..

                    An intelligent man is sometimes forced to be drunk to spend time with his fools
                    If you get confused: Listen to the Music Play
                    Please don't Chat/PM me for help, unless mod related
                    SG-4860 24.11 | Lab VMs 2.7.2, 24.11
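
The discovery scan in the post above can be turned into a repeatable check by comparing each run against a list of devices you expect. This is an added example, not code from the thread: the sample scan text and the `KNOWN` inventory are constructed, and `parse_scan` and `audit` are hypothetical helper names.

```python
import re

# Constructed sample in the same format as the `nmap -sP` output in the post.
SAMPLE_SCAN = """\
Starting Nmap 7.70 ( https://nmap.org ) at 2019-07-23 09:29 CDT
Nmap scan report for nas.local.lan (192.168.9.10)
Host is up (0.00020s latency).
MAC Address: 00:00:5E:00:53:0A (Example NAS Vendor)
Nmap scan report for 192.168.9.57
Host is up (0.0031s latency).
MAC Address: 00:00:5E:00:53:39 (Unknown)
Nmap scan report for fw.local.lan (192.168.9.253)
Host is up.
Nmap done: 256 IP addresses (3 hosts up) scanned in 5.62 seconds
"""

# Hypothetical inventory (for example, your DHCP reservations): MAC -> description.
KNOWN = {
    "00:00:5e:00:53:0a": "NAS",
    "00:00:5e:00:53:14": "Printer",
}

REPORT = re.compile(r"^Nmap scan report for (?:(\S+) \((\S+)\)|(\S+))$")
MAC = re.compile(r"^MAC Address: ([0-9A-Fa-f:]{17})(?: \((.*)\))?$")


def parse_scan(text):
    """Return one dict per host: name (or None), ip, mac (or None), vendor."""
    hosts, current = [], None
    for line in text.splitlines():
        line = line.strip()
        m = REPORT.match(line)
        if m:
            current = {"name": m.group(1), "ip": m.group(2) or m.group(3),
                       "mac": None, "vendor": None}
            hosts.append(current)
            continue
        m = MAC.match(line)
        if m and current is not None:
            current["mac"] = m.group(1).lower()
            current["vendor"] = m.group(2)
    return hosts


def audit(hosts, known):
    """Split a scan into unknown devices, known devices not seen, and hosts without a MAC."""
    seen = {h["mac"] for h in hosts if h["mac"]}
    unknown = [h for h in hosts if h["mac"] and h["mac"] not in known]
    missing = sorted(desc for mac, desc in known.items() if mac not in seen)
    # nmap prints no MAC line for the scanning host itself (or for hosts off-segment).
    no_mac = [h["ip"] for h in hosts if h["mac"] is None]
    return unknown, missing, no_mac


if __name__ == "__main__":
    unknown, missing, no_mac = audit(parse_scan(SAMPLE_SCAN), KNOWN)
    for h in unknown:
        print(f"UNKNOWN {h['ip']} {h['mac']} ({h['vendor']})")
    print("not seen:", missing, "| no MAC reported:", no_mac)
```

A device that sleeps between check-ins will show up as "not seen" on some runs, so treat that list as a hint rather than an outage alarm.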

                      cheapie408

                      @johnpoz

                      In my Asus router, I have the ability to name any device connected. IE: I have a lot of Google Home/Hubs devices. IE: Google Display - Living Room, Google Display - Family Room etc..

                      Also some IOT devices have very generic hostnames and even no names at all. I do this so I can figure out what's online or offline so I can address the issue as needed. The ability to go to "Client List" and have all clients showing online/offline is valuable to me and it makes it better to have the ability to tell exactly which one is which.

                      Attached is a screen shot of what I meant... In the other world, I can simply click on the device, add a description or something to remind me of what they are. I can't do it here. Hence, I'm venturing to learn how I can easily manage the clients.

                      An unrelated question... is there a way to monitor who's using the most "WAN" bandwidth per device in PFSense?

                      ![alt text]http://postimg.cc/ZCBQt0Jz

                        johnpoz LAYER 8 Global Moderator

                        Those all seem to be wireless devices.. What are you using for wireless now? Your old asus router as just an AP?

                        I do the same sort of thing for clients in my wifi controller.. But I also just assign most of my devices dhcp reservations so they always have the same IP.. Not like your harmony hub is going somewhere ;) I used that as example as I have one myself..

                        devices.png

                        So while it's a pain when you have a lot of devices, it's a one time thing.. Then you're done and you then know that your phone is always going to have IP 1.2.3.4, and that makes it much easier to do firewall rules as well ;)

                        As to bandwidth, sure, a couple of different packages you could use - darkstat, bandwidthd, iptraf, lots of ways to determine who is using up bandwidth.. If you're just looking for who right this second is using up the bandwidth, the traffic graph can show you that.

                          KOM

                          @cheapie408 Alrighty then. Scratch The Dude. Thanks for the tip.

                            cheapie408

                            For WiFi I'm using a Unifi AP as primary but the ASUS router also has WiFi enabled. I need it in the garage to extend the signal to a few devices in front of the house where the Unifi AP doesn't get to. I just don't like that I have to fire up the Unifi software each time I want to log in and spending $100 on a cloud key just doesn't feel right when the PFSense box only cost me about that. The way it is now, I basically have 3 different places to go to in order to achieve a single task. :(

                            PFSense only displays those that are on the DHCP table. Static IP devices don't pop up here. Printers come to mind for this. I exported my client list yesterday so I can do exactly what you suggested, the long and painful manual way.

                              johnpoz LAYER 8 Global Moderator

                              If you're doing static IP on the devices directly you're just causing yourself extra work.. Just set them to dhcp and create a reservation.. My printer is like that, all my devices are like that.. I don't have anything set static - they all just have reservations.

                              The only thing that doesn't have a reservation would be guest devices that I don't give 2 shits about, say when friends and family come over and want to connect their phone to the wifi.. But if they come over all the time - like my son, his phone has a reservation.. So I can setup firewall rules for his device if need to, etc.

                              And if I do setup something static - I would just create a dns entry for it.

                              My controller just runs as VM on my NAS.. no reason to buy a cloud key ;) But the software should be running 24/7 so you can actually get useful info out of it ;)

                              You can for sure look in the arp table of pfsense for devices it has recently talked to... But if some device only wakes up every few hours to do something.. For example my nest protect doesn't do anything on the network for hours, then wakes up to check in, and then goes offline again.. So yeah, unlikely to see that sort of device in an arp cache table.

                              Sounds more like your concern is with just asset/ip management than monitoring.. There is a big difference between wifi AP and router... An AP has to know, because there has to be an active wifi connection... But router connected to a switch.. Unless something talks to it - how would it know about some device on your network.

                              You can for sure look in the dhcp leases for anything pfsense had handed out a lease to, even if the device is not currently on, etc. If you're using your old asus as AP device they would get dhcp from pfsense.. Maybe you have it setup as Nat router? still vs actually AP..

                              Setting static on devices, even something like a nas, is a pain in the butt.. What if you want to change something - like the actual network space being used, maybe you want to change from 192.168.1/24 to 172.16.100/24, or maybe you have a new ns you want to point clients to, or multiple other things that can be handed out via dhcp options. Pretty much the only thing that needs to be static on your network is the device running dhcpd ;)

                                cheapie408

                                Holy batman... I just spent the last 3 hours of my life adding static reservation to over 60 something devices on my network. I don't know if I should be proud that I'm so well connected? 😉

                                Let's hope I don't have to do this again.

                                BTW: By keeping the Asus router alive, I can still use its interface to look at stuff as I used to. I guess there's a plus to that.

                                  KOM @cheapie408

                                  @cheapie408 said in Ways to manage devices on network:

                                  Let's hope I don't have to do this again.

                                  Make sure you make a config.xml backup and you won't.

                                    johnpoz LAYER 8 Global Moderator

                                    Seems like a long time.. If they were all dhcp already it would have been as simple as add reservation on their current lease and just changing the ip to be outside your scope.. Should have gone a lot faster than 3 hours ;)

                                    But yeah should only be a 1 time thing, and sure backup of your config is ALWAYS a good idea.

                                      cheapie408 @johnpoz

                                      I'm very OCD with the range I give my device.

                                      IE: All networking related stuff IE, Switches, Routers, AP etc... would be between 1 to 10, all IOT devices would be 11-40, IP Cameras would have its own range. I think this through before selecting a range and ensure to leave enough room for growth of that group so I don't overlap into the next group. Devices like the Networking gear would not grow very big so they get a small range, others like Random Client WiFi device would get a larger range etc..

                                      Especially IOT and Cameras, this helps me remember the IP per device so I don't always have to go look for it or when I'm adding a new device, I can just assign the address quickly.

                                      Similarly my Switch ports and patch panels have to be in certain ways and order.

                                        johnpoz LAYER 8 Global Moderator

                                        well I am with not shot gunning switch ports, vlans should be next to each other, etc.. But what IP a device has doesn't really matter once you have dns for it, ie after you setup your reservation.. But sure ok that will make it take longer ;)

                                        edit: if you don't mind spending a bit of money.. The domotz is pretty slick for managing/monitoring a network. I used it for a few years until just couldn't justify the cost.. It's not all that bad, but it was only 30$ a year and has gone to 60 now.. And I have trimmed down the amount of devices on my network as well..

                                        If you don't use vlans you could prob get away with their fingbox more user version vs pro version which is domotz.

                                          Derelict LAYER 8 Netgate @cheapie408

                                          @cheapie408 said in Ways to manage devices on network:

                                          IE: All networking related stuff IE, Switches, Routers, AP etc... would be between 1 to 10, all IOT devices would be 11-40, IP Cameras would have its own range.

                                          Makes more sense to do that in CIDRs not decimal ranges.

                                          Chattanooga, Tennessee, USA
                                          A comprehensive network diagram is worth 10,000 words and 15 conference calls.
                                          DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
                                          Do Not Chat For Help! NO_WAN_EGRESS(TM)
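
To see why CIDR-aligned groups are easier to write firewall rules for than the decimal ranges quoted above, this added example (not code from the thread) counts the networks needed to cover each range and then lays out one aligned block per group. The 192.168.1.0/24 LAN is an assumption, since the thread gives only last-octet ranges, and `cidrs_for_range` and `aligned_plan` are hypothetical helper names.

```python
import ipaddress

# Assumption: the LAN is 192.168.1.0/24; the thread gives only last-octet ranges.
LAN = ipaddress.ip_network("192.168.1.0/24")

# Groups as described in the quoted post: (name, first octet, last octet).
DECIMAL_PLAN = [("network-gear", 1, 10), ("iot", 11, 40)]


def cidrs_for_range(lan, first, last):
    """CIDR blocks needed to cover exactly host offsets first..last of the LAN."""
    base = int(lan.network_address)
    lo = ipaddress.ip_address(base + first)
    hi = ipaddress.ip_address(base + last)
    return [str(n) for n in ipaddress.summarize_address_range(lo, hi)]


def aligned_plan(lan, groups):
    """Assign each (name, address_count) group one power-of-two block, no overlaps."""
    cursor = int(lan.network_address)
    end = int(lan.broadcast_address) + 1
    plan = {}
    # Largest group first so every block starts on its natural boundary.
    for name, size in sorted(groups, key=lambda g: -g[1]):
        prefix = 32 - max(size - 1, 0).bit_length()
        block = 1 << (32 - prefix)
        start = (cursor + block - 1) // block * block  # round up to the boundary
        if start + block > end:
            raise ValueError(f"{name} does not fit in {lan}")
        plan[name] = f"{ipaddress.ip_address(start)}/{prefix}"
        cursor = start + block
    return plan


if __name__ == "__main__":
    for name, first, last in DECIMAL_PLAN:
        blocks = cidrs_for_range(LAN, first, last)
        print(f"{name} .{first}-.{last}: {len(blocks)} networks -> {blocks}")
    sizes = [(name, last - first + 1) for name, first, last in DECIMAL_PLAN]
    print("aligned:", aligned_plan(LAN, sizes))
```

Each decimal range here needs five separate networks to match exactly, while the aligned layout gives one network per group that a single rule or alias entry can reference.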

                                          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.