azcomputerguru/claudetools
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
de8d2decdbcd922b275496286331fecfd48435a2
claudetools/clients/cascades-tucson/docs/migration/step3-switch-ports.md
Howard Enos 8d975c1b44 import: ingested 160 files from C:\Users\howar\Clients 
Howard's personal MSP client documentation folder imported into shared
ClaudeTools repo via /import command. Scope:

Clients (structured MSP docs under clients/<name>/docs/):
- anaise       (NEW)  - 13 files
- cascades-tucson     - 47 files merged (existing had only reports/)
- dataforth           - 18 files merged (alongside incident reports)
- instrumental-music-center - 14 files merged
- khalsa       (NEW)  - 22 files, multi-site (camden, river)
- kittle       (NEW)  - 16 files incl. fix-pdf-preview, gpo-intranet-zone
- lens-auto-brokerage (NEW) - 3 files (name matches SOPS vault)
- _client_template    - 13-file scaffold for new clients

MSP tooling (projects/msp-tools/):
- msp-audit-scripts/ - server_audit.ps1, workstation_audit.ps1, README
- utilities/         - clean_printer_ports, win11_upgrade,
                       screenconnect-toolbox-commands

Credential handling:
- Extracted 1 inline password (Anaise DESKTOP-O8GF4SD / david)
  to SOPS vault: clients/anaise/desktop-o8gf4sd.sops.yaml
- Redacted overview.md with vault reference pattern
- Scanned all 160 files for keys/tokens/connection strings -
  no other credentials found

Skipped:
- Cascades/.claude/settings.local.json (per-machine config)
- Source-root CLAUDE.md (personal, claudetools has its own)
- scripts/server_audit.ps1 and workstation_audit.ps1 at source root
  (identical duplicates of msp-audit-scripts versions)

Memory updates:
- reference_client_docs_structure.md (layout, conventions, active list)
- reference_msp_audit_scripts.md (locations, ScreenConnect 80-char rule)

Session log: session-logs/2026-04-16-howard-client-docs-import.md

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-16 19:43:58 -07:00

3.3 KiB
Raw Blame History

Step 3: Identify & Move Switch Ports (~1-2 hours, UniFi web UI + on-site)

3a — Identify which switch port each hardwired machine is on

Need to determine for each machine:

Machine Current IP Target IP Known Port?
CRYSTAL-PC 10.0.20.205 10.0.20.205 Unknown — find in UniFi
ACCT2-PC 10.0.20.209 10.0.20.209 Unknown — find in UniFi
DESKTOP-H6QHRR7 10.0.20.235 10.0.20.235 Unknown — find in UniFi
DESKTOP-1ISF081 Unknown TBD Unknown — find in UniFi
SALES4-PC 10.0.20.203 10.0.20.203 Unknown — find in UniFi
CHEF-PC 10.0.20.232 10.0.20.232 USW Lite 8, Port 7 (already INTERNAL)
MDIRECTOR-PC 192.168.3.20 10.0.20.x (TBD) Unknown — find in UniFi
DESKTOP-KQSL232 10.0.20.227 10.0.20.227 Unknown — find in UniFi

How to find ports: UniFi → Clients → find each machine by hostname or MAC → check which switch/port it's connected to. Or: check each switch's port list for connected clients.

3b — Create DHCP reservations

INTERNAL scope (pfSense → Services → DHCP Server → INTERNAL)

Machine MAC IP
SALES4-PC (get from UniFi/ARP) 10.0.20.203
CRYSTAL-PC (get from UniFi/ARP) 10.0.20.205
ACCT2-PC (get from UniFi/ARP) 10.0.20.209
DESKTOP-KQSL232 (get from UniFi/ARP) 10.0.20.227
CHEF-PC (get from UniFi/ARP) 10.0.20.232
DESKTOP-H6QHRR7 (get from UniFi/ARP) 10.0.20.235
MDIRECTOR-PC (get from UniFi/ARP) 10.0.20.240
DESKTOP-1ISF081 (get from UniFi/ARP) 10.0.20.241

LAN scope (pfSense → Services → DHCP Server → LAN)

Create reservations for all printers (get MACs from pfSense ARP table):

Device IP MAC
Front Desk Epson ET-5800 192.168.2.147 get from ARP
Business Office Canon MF455DW 192.168.3.227 get from ARP
Marketing Brother MFC-L8900CDW 192.168.2.21 get from ARP
206 Health Services Bizhub C368 192.168.1.138 00:20:6b:b3:4a:55
206 Nurse Station Brother MFC-L8900CDW 10.0.20.69 Already on INTERNAL
MemCare MedTech Brother 192.168.2.53 get from ARP
MemCare Director Canon MF451CDW 192.168.3.52 get from ARP
Kitchen printer 192.168.0.121 get from ARP
Epson (USW Port 8) 192.168.2.207 get from ARP
Canon (USW Port 45) 192.168.2.230 get from ARP
Printer-80A423 (Lite 8 Port 2) 192.168.2.202 get from ARP

3c — Change switch port VLAN assignments

For each hardwired workstation port identified in 3a:

  1. UniFi → Devices → select switch → Ports → select port
  2. Change Native VLAN to "INTERNAL" (VLAN 20)
  3. Machine will get new DHCP lease on 10.0.20.0/24

Do one machine at a time. Verify it can reach the server and printers after each change. If it can't, revert the port to native VLAN.

3d — Test each moved machine

After each port change:

  • Machine gets 10.0.20.x IP
  • nslookup cs-server.cascades.local → 192.168.2.254
  • \\192.168.2.254\Shares accessible
  • Can print to LAN printers
  • Internet works

Rollback

Revert the switch port to native VLAN (Default) in UniFi. Machine will get a LAN IP via DHCP and return to previous state.

Reference in New Issue View Git Blame Copy Permalink