This is a very unique situation. I have a building with about 120 users on 3 floors. There are 7 wiring closets with 13 cisco 3550 switches. I have updated them all to c3550-i9q3l2-mz.121-20.EA1.
In this setting, I have 4 divisions and about 14 printers. Due to turnover and staff moves, the pc's that plug into said switches change on frequent basis. Is there a way to set the ip address of each port to determine the ip address of the machine so that a startup script can determine where the machine is plugged in and install the proper printers and set the default. I use ip address for ease. If this method is not possible, is there another method that I could use to allow the same results.
In other words, I don't want this to become a management nightmare. I would users to be able to move their machines, and the system, by use of a startup script, to determine where they are plugged in.
I thank you for any help in advance.
Hmm... You could potentially do something like assign a seperate Vlan/subnet to each "area" or floor. Then, you'd need a separate DHCP scope for each VLAN - which you would need to use a helper-address on whatever you use to route between the VLANs.
Then, when a person plugs into a port in an area, they would get assigned an IP that is unique for that area. I'm sure someone could script some sort of startup-script to then assign printers and such based on the subnet they are in. Might be more trouble than its worth though.
Sounds like you should use dynamic VLANs with a VMPS. Check out pages 144 - 152 of the "Cisco LAN Switching" book from Cisco Press.
The dynamic VLAN allows you to automatically configure a port to a VLAN based on the MAC address of the device attached to the port.
IP address tracking would be a little more difficult, so I'd use MAC addresses instead. You could use the IP address, but you'd end up having to search based on MAC address anyway so you may as well use that. I'd do the following:
1) Create a SNMP RO view on the switches that had limited access to read the FDB.
2) Create a login script that extracted the MAC address of the NIC via ipconfig /all.
3) Retrieve the FDB tables on all switches, so that you can map the MAC address to ports.
4) Find the MAC address of the PC in the FDB tables and you now know where the PC is plugged into.
5) Map to the appropriate printers.
With VPMS or even 802.1x (see link at bottom of post), the vlan would move with the user. This is ok if thats what you want, but the question here is do your printers move? If they do move with the teams then either of these are ok. I like 802.1x as you only need a radius server and you get extra security. Make sure you host supports it though.
If you printers do not move and you hav logical areas in your building, then you need something that will assign ip addresses based on the port. The easy way for this is to use static vlans and DHCP, as someone has already said. Your script should be able to find the IP address out and then assign the correct local printers.
This is not fancy and is easy to support.
Hope this helps :-)
opps here is the link for 802.1x
Hi, i think you need to look at this from a different angle as i don't think this is a unique situation. Most companies i have worked for have similar issues however they use login scripts that bind printers, shares etc to specifc users based on group membership. i.e. marketing user is always mapped to the marketing printer and marketing network share. It doesn't matter where marketing user is in the building, as long as he is logging in to the correct domain he'll get the same printer etc.
Hello, I think it would be more useful if, say an accountant was working in marketing for the accountant to map to the marketing printer, especially if thedepartments are on different floors. So if you take the principle of hoteling as is common for consultants and they can be sitting anywhere at anytime you need something more location specific than group specific, in which case wouldn't a VLAN per printer be a very suitable solution?
So we're assuming the same printer throughout the company and setting it to print to lpt1: and then mapping lpt1: to the correct queue via login script?
Hi, wouldn't this mean that every printer was on a different subnet? What if you had 300 printers in your organisation? This would be a nightmare to administer! you would need to create 300 sub/VLAN interfaces on you router/MSFC to allow routing to each printer. I think you should certainly have a dedicated printer VLAN so all printers are on the same subnet, this VLAN would be trunked across all your switches, its much easier to maintain and allocate IPs to new printers if they are all on the same subnet. Plus if you have a lot of office moves, its easier to relocate a printer as you don't need to worry about which VLAN it's going to be in, which IP address it should be allocated, all you need to do is patch it into the new area and make sure the new switch port it's in the printer VLAN. If consultants need to print to a specific printer in a specific area then the printer should be labeled up so that he/she can easily connect to it manually by browsing the network.
Hello, the specific case was 14 printers in 4 departments, so I think vlans could still work. The easier you make it for the user the harder it will be on the support staff. I agree that for a very large implementation as you have illustrated, this is not the way to go. But at the same time, 300 printers would not sit on one server in one browse list so again, you could do some separation among vlans - probably geographically/departmentally but definitely not a printer per vlan.
The original poster should probably chime in to keep us on track.