Configuring a Terminal/Comm Server


Document ID: 5466

Contents

    Introduction
    Prerequisites
        Requirements
        Components Used
        Conventions
    Cabling
    Design Strategy
    Configure
        Network Diagram
        Configurations
    Command Summary
        Switch Between Active Sessions
        Terminate Active Sessions
    Verify
    Troubleshoot
        Troubleshooting Procedure
    Related Information

Introduction

A terminal or comm server commonly provides out-of-band access for multiple devices. A terminal server is a router with multiple, low-speed, asynchronous ports that are connected to other serial devices, for example, modems or console ports on routers or switches.

The terminal server allows you to use a single point to access the console ports of many devices. A terminal server eliminates the need to configure backup scenarios like modems on auxiliary ports for every device. You can also configure a single modem on the auxiliary port of the terminal server, to provide dial-up service to the other devices when network connectivity fails.

This document shows how to configure a terminal server to access only the console ports on other routers through Reverse Telnet. Reverse Telnet allows you to establish a Telnet connection out on the same device you telnet from, but on a different interface. For more information on Reverse Telnet refer to Establishing a Reverse Telnet Session to a Modem.

Prerequisites

Requirements

There are no specific requirements for this document.

Components Used

This document is not restricted to specific software and hardware versions.

Conventions

For more information on document conventions, refer to the Cisco Technical Tips Conventions.

The information in this document was created from the devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If your network is live, make sure that you understand the potential impact of any command.

Cabling

The Cisco 2509-2512 series routers use a 68-pin connector and breakout cable. This cable (CAB-OCTAL-ASYNC) provides eight RJ-45 rolled cable async ports on each 68-pin connector. You can connect each RJ-45 rolled cable async port to the console port of a device. The 2511 router allows for a maximum of 16 devices to be remotely accessible. In addition, the NM-16A or NM-32A high-density async network modules are available for the Cisco 2600 and 3600 series routers to provide the same function. For more information on cabling refer to the Let's Connect: Your Serial Cable Guide and the Cabling Guide for Console and AUX Ports.

Note: The async ports from the 68-pin connector are data terminal equipment (DTE) devices. DTE-to-DTE devices require a rolled (null modem) cable and DTE to data circuit-terminating equipment (DCE) devices require a straight-through cable. The CAB-OCTAL-ASYNC cable is rolled. Therefore, you can connect each cable directly to the console ports of devices with RJ-45 interfaces. However, if the console port of the device to which you connect is a 25-pin interface (DCE), you must use the RJ-45 to 25-pin adapter marked "Modem" (to reverse the "roll") in order to complete the connection.

This table shows the port types for console and auxiliary ports on Cisco routers and switches:

    Interface Type    DB25 Interface    RJ-45 Interface
    Console           DCE               DTE
    AUX               DTE               DTE

Design Strategy

Configure the terminal server so that you can access the terminal server from anywhere.
In order to make the terminal server accessible, assign a registered public Internet address, and locate the server outside the firewall. When you do so, firewall issues do not interrupt your connection. You can always maintain connectivity to the terminal server and access the connected devices. If you are concerned about security, configure access lists to allow access only to the terminal server from certain addresses. For a more robust security solution, you can also configure server-based authentication, authorization, and accounting (AAA), for example, RADIUS or TACACS+. For more information on AAA refer to the Cisco AAA Implementation Case Study.

You can configure a modem on the auxiliary port of the terminal server for dial backup in the event your primary connection (through the Internet) goes down. Such a modem eliminates the need to configure a dial backup for each device. The terminal server is connected through its async ports to the console ports of the other devices. For more information on how to connect a modem to the AUX port, refer to Modem Router Connection Guide.

Use the ip default-gateway statement, and point to the next hop router on the Internet. This command enables you to have connectivity to the terminal server through the Internet even if routing is not enabled. For example, the terminal server is in ROM monitor (ROMMON) mode as a result of a bad reboot after a power outage.

Configure

In this section, you are presented with the information to configure the features described in this document.

Note: To find additional information on the commands used in this document, use the Command Lookup Tool (registered customers only).

Network Diagram

This document uses this network setup:

Configurations

This document uses this configuration:

Cisco 2511

    aus-comm-server#show running-config
    version 12.0
    service timestamps debug datetime msec localtime show-timezone
    service timestamps log datetime msec localtime show-timezone
    service password-encryption
    hostname aus-comm-server
    enable secret <deleted>
    username cisco password <deleted>
    ip subnet-zero
    ip domain-list cisco.com
    no ip domain-lookup
    ip host 3600-3 2014 172.21.1.1
    !--- The host 3600-3 is connected to port 14 of the comm server.
    !--- Ensure that the IP address is that of an interface on the comm server.
    ip host 3600-2 2013 172.21.1.1
    ip host 5200-1 2010 172.21.1.1
    ip host 2600-1 2008 172.21.1.1
    ip host 2509-1 2007 172.21.1.1
    ip host 4500-1 2015 172.21.1.1
    ip host 3600-1 2012 172.21.1.1
    ip host 2511-2 2002 172.21.1.1
    ip host 2511-rj 2003 172.21.1.1
    ip host 2511-1 2001 172.21.1.1
    ip host 5200-2 2011 172.21.1.1
    ip host 2520-1 2004 172.21.1.1
    ip host 2520-2 2005 172.21.1.1
    ip host 2600-2 2009 172.21.1.1
    ip host 2513-1 2006 172.21.1.1
    ip host pix-1 2016 172.21.1.1
    process-max-time 200
    interface Loopback1
     ip address 172.21.1.1 255.0.0.0
    !--- This address is used in the ip host commands.
    !--- Work with loopback interfaces, which are virtual and always available.
     no ip directed-broadcast
    interface Ethernet0
     ip address 171.55.31.5 255.255.255.192
    !--- Use a public IP address to ensure connectivity.
     no ip directed-broadcast
     no ip mroute-cache
    interface Serial0
     no ip address
     no ip directed-broadcast
     no ip mroute-cache
     shutdown
    ip default-gateway 171.55.31.1
    !--- This is the default gateway when routing is disabled.
    !--- For example, if the router is in boot ROM mode.
    ip classless
    ip route 0.0.0.0 0.0.0.0 171.55.31.1
    !--- Set the default route for the external network.
    no ip http server
    line con 0
     transport input all
    line 1 16
     session-timeout 20
    !--- The session times out after 20 minutes of inactivity.
     no exec
    !--- Unwanted signals from the attached device do not launch an EXEC session.
    !--- This ensures that the line never becomes unavailable due to a rogue EXEC process.
     exec-timeout 0 0
    !--- This disables the EXEC timeout.
     transport input all
    !--- Allow all protocols to use the line.
    !--- Configure lines 1-16 with at least transport input telnet.
    line aux 0
    !--- Auxiliary port can provide dial backup to the network.
    !--- Note: This configuration does not implement modem on AUX port.
     modem InOut
    !--- Allow auxiliary port to support dialout and dialin connections.
     transport preferred telnet
     transport input all
     speed 38400
     flowcontrol hardware
    line vty 0 4
     exec-timeout 60 0
     password <deleted>
     login
    end

Note: If you use the 3600 as the access server, refer to How Async Lines are Numbered in Cisco 3600 Series Routers for line number details.

Command Summary

ip host

Use this command to define the name-to-address mapping of the static host in the host cache. In order to remove the name-to-address mapping, use the no form of this command.

    ip host name [tcp-port-number] address1 [address2...address8]

name: This field indicates the name of the host. The name field need not match the actual name of the router to which you want to connect. However, ensure that you enter a name you would want to use in the reverse Telnet. When you use this command and the name field, you do not have to know the actual port number of the remote device.

tcp-port-number: This field represents the TCP port number to which you want to connect when you use the defined host name along with an EXEC connect or telnet command. In our example configuration, we use a reverse Telnet so the port number must be 2000+line number.

address1: This field represents an associated IP address. In our example configuration, we use the loopback IP address.

transport input

Use this command to define the protocols to use when you connect to a specific line of the router.

    transport input {all | lat | mop | nasi | none | pad | rlogin | telnet | v120}

all: All selects all protocols.

none: None prevents any protocol selection on the line. In this case, the port becomes unusable for incoming connections.

Note: In our configuration example, the async lines use the minimum configuration of the transport input telnet command. So you can Telnet to the devices on the async line.

telnet

Use this EXEC command to log into a host that supports Telnet.

    telnet host [port] [keyword]

host: This field indicates a host name or IP address. Host can be one of the name fields defined in the ip host command.

port: This field indicates a decimal TCP port number. The Telnet router port (decimal 23) on the host is the default decimal TCP port number. For reverse Telnet, the port number must be 2000+line number. Line numbers range from 1-16 in our configuration. Use the show line EXEC command to view the available lines.

Switch Between Active Sessions

Complete these steps in order to switch between active sessions:

1. Use the escape sequence Ctrl-Shift-6 then x to exit the current session.

2. Use the show sessions command to display all open connections.

    aus-comm-server#show sessions
    Conn Host      Address          Byte  Idle  Conn Name
       1 2511-1    171.69.163.26       0     0  2511-1
       2 2511-2    171.69.163.26       0     0  2511-2
    *  3 2511-3    171.69.163.26       0     0  2511-3

   Note: The asterisk (*) indicates the current terminal session.

3. Enter the session (conn) number to connect to the corresponding device. For example, to connect to 2511-1 type 1, which is the connection number. However, if you hit the return key, you are connected to the current terminal session, which in this case is router 2511-3.

Terminate Active Sessions

Complete these steps to terminate a particular Telnet session:

1. Use the escape sequence Ctrl-Shift-6 then x to exit the current Telnet session.

   Note: Ensure that you can reliably issue the escape sequence to suspend a Telnet session. Some terminal emulator packages are unable to send the correct sequence, Ctrl-Shift-6 then x.

2. Issue the show sessions command to display all open connections.

3. Issue the disconnect [connection] command to disconnect the required session.

Verify

This section provides information you can use to confirm your configuration is working properly.

Certain show commands are supported by the Output Interpreter Tool (registered customers only), which allows you to view an analysis of show command output.

show ip interface brief: indicates whether the interface you use for the Telnet session is up.

Troubleshoot

This section provides information you can use to troubleshoot your configuration.

Troubleshooting Procedure

Follow these instructions to troubleshoot your configuration. If you cannot connect to the router of your choice with a name configured in the ip host command, check the following:

1. Check whether the port address is configured correctly.

2. Verify whether the address (interface) used for the reverse Telnet is up/up. The output of the show ip interface brief command provides this information. Cisco recommends that you use loopbacks because they are always up.

3. Ensure that you have the correct type of cabling. For example, you must not use a crossover cable to extend the length. Refer to the Cabling section for more information.

4. Establish a Telnet connection to the IP address port to test direct connectivity. You must telnet from both an external device and the terminal server. For example, telnet 172.21.1.1 2003.

5. Ensure that you have the transport input telnet command under the line for the target device. The target device is the device that is connected to the terminal server.

6. Use a PC/dumb terminal to connect directly to the console of the target router. The target router is the device connected to the terminal server. This step helps you identify the presence of a port issue.

7. If you are disconnected, check timeouts. You can remove or adjust timeouts.

Note: If you encounter authentication failures, remember that the terminal server performs the first authentication (if configured), while the device to which you try to connect performs the second authentication (if configured). Verify whether AAA is configured correctly on both the terminal server and the connecting device.
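
Checks 1, 2 and 5 of the procedure above, together with the access-list advice under Design Strategy, can be run offline against a saved copy of the configuration. The script below is an added example, not Cisco's code: parse() and audit() are hypothetical names, the sample configuration is constructed, and it assumes sub-commands are indented as in show running-config output and that the access list is applied to lines with access-class.

```python
import re

# Constructed sample; two ip host entries are deliberately wrong (assumed access-class use).
SAMPLE_CONFIG = """\
ip host 2511-1 2001 172.21.1.1
ip host pix-1 2017 172.21.1.1
ip host 3600-1 2012 172.21.9.9
interface Loopback1
 ip address 172.21.1.1 255.0.0.0
line 1 16
 transport input all
line vty 0 4
 access-class 10 in
"""

def parse(config):
    """Return (ip host entries, interface addresses, line blocks) from a saved config."""
    hosts, addrs, blocks, current = [], set(), [], None
    for raw in config.splitlines():
        text = raw.strip()
        current = current if raw[:1].isspace() else None  # unindented command ends a block
        if m := re.match(r"ip host (\S+) (\d+) (\S+)", text):
            hosts.append((m.group(1), int(m.group(2)), m.group(3)))
        elif m := re.match(r"ip address (\d+\.\d+\.\d+\.\d+) ", text):
            addrs.add(m.group(1))
        elif m := re.match(r"line ([a-z]+ )?(\d+)(?: (\d+))?$", text):
            first, last = int(m.group(2)), int(m.group(3) or m.group(2))
            current = {"kind": (m.group(1) or "tty").strip(), "transport": [],
                       "lines": range(first, last + 1), "acl": False}
            blocks.append(current)
        elif current and text.startswith("transport input "):
            current["transport"] = text.split()[2:]
        elif current and text.startswith("access-class ") and text.endswith(" in"):
            current["acl"] = True
    return hosts, addrs, blocks

def audit(config):
    """List findings; a reverse-Telnet TCP port must equal 2000 + line number."""
    hosts, addrs, blocks = parse(config)
    tty = [b for b in blocks if b["kind"] == "tty"]
    findings = []
    for name, port, addr in hosts:
        line = port - 2000
        block = next((b for b in tty if line in b["lines"]), None)
        if block is None:
            findings.append(f"{name}: port {port} maps to line {line}, not configured")
        elif not {"telnet", "all"} & set(block["transport"]):
            findings.append(f"{name}: line {line} has no transport input telnet")
        if addr not in addrs:
            findings.append(f"{name}: {addr} is not an interface address here")
    for b in blocks:
        label = f"line {b['kind']} {b['lines'][0]}-{b['lines'][-1]}"
        if "all" in b["transport"]:
            findings.append(f"{label}: transport input all, telnet is the minimum")
        if not b["acl"]:
            findings.append(f"{label}: no inbound access-class limits source addresses")
    return findings

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE_CONFIG)))
```

Whether the interface is up/up (check 2) still has to be confirmed on the device with show ip interface brief; the script only confirms that the address belongs to an interface in the saved configuration.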

Related Information

    Modem Router Connection Guide
    Establishing a Reverse Telnet Session to a Modem
    Configuring Terminal Lines and Modem Support
    Terminal Line and Modem Support Commands
    Cabling Guide for Console and AUX Ports
    Let's Connect: Your Serial Cable Guide
    Field Notice: Terminal Server Break Character on Cisco Access Servers
    Cisco AAA Implementation Case Study
    Access Products Support Pages
    Dial Technology Support Pages
    Technical Support & Documentation - Cisco Systems

2009 - 2010 Cisco Systems, Inc. All rights reserved.

Updated: Jan 29, 2008
Document ID: 5466