Home |
Basic Management |
Accessing pg1 |
Router(IOS) Software
Commands |
IOS Naming |
Configuration Register |
Password Recovery
Gaining Access to Routers and Switches - Page 2
Configuring the Terminal Server
This page of the Study Guide demonstrates how to configure a terminal server to
provide access to the rest of the routers in the lab. Once configured, you will be
able access each lab router's console port through reverse Telnet.
Lab Objective
In this Study Guide, you will accomplish the following lab objective:
Configure a Cisco a router to be the terminal server for this lab. The terminal server is connected to
each device's console port. Port assignments are as follows:
-
R1 - 2001
-
R2 - 2002
-
R3 - 2003
-
R4 - 2004
-
R5 - 2005
-
R6 - 2006
-
R6 - 2006
-
Catalyst Switch - 2007
After completing this objective, you will learn how to maneuver from the terminal server to each individual
lab router and then back to the terminal server.
Terminal Server Overview
A terminal server provides out-of-band access for several devices. Out-of-band access is through a router's
console or aux port versus in-band access that occurs over the network using telnet.
Generally, a terminal server is a router with multiple, asynchronous ports that are
connected to other devices, such as the console port of other routers or switches, as
shown previously in Figure 8. To get a better idea of what the ports look like on the
back of a terminal server Figure 12 shows the back of a Cisco router.
Figure 12 - A Cisco 2511 to Be Configured as the Lab Terminal Server
Cabling
The Cisco 2511 series router uses a 68-pin connector and breakout cable shown in Figure 13.
Figure 13 - CAB-OCTAL-ASYNC Cable
This cable is referred to as a
CAB-OCTAL-ASYNC cable or just
OCTAL cable.
It provides eight RJ-45 rolled cable asynchronous (async) ports on each 68-pin
connector. The 68-pin connector is attached to Interface Async 1 of the terminal
server. Each RJ-45 rolled cable is connected to the console port of each router in the
lab. For configuration purposes, each rolled cable is referred to as an
asynchronous line
in the configuration. Each line is numbered beginning with 2001 to 2008.
So, R1 is attached to async 2001, R2 is connected to 2002, and so on up to 2007, which
is connected to the Catalyst 1900 switch, leaving 2008 unused. See Figure 14 for an example.
Figure 14 - Terminal Server Connectivity to Lab Routers
NOTE: The async ports from the 68-pin connector are data terminal equipment
(DTE) devices. DTE-to-DTE connections require a rolled (null modem) cable.
DTE-to-DCE devices require a straight-through cable. Because the Octal cable is
rolled, you can connect each cable directly to the RJ-45 console port of each lab
router. However, some routers have console ports that are 25-pin interfaces
instead of RJ-45. If so, remember that the 25-pin interface is a DCE, and you must
use the RJ-45-to-25 pin adapter marked "modem" to reverse the roll and complete the connection.
The major benefit of a terminal server is that it allows
you a single point from which to access the console ports of many devices. This is
helpful initially in the lab because the lab routers will not have any configuration
settings such as IP addresses or Telnet parameters. Without the terminal server, you
would have the tedious process of manually switching between each router's console
port to gain access. A second benefit is that a terminal server can provide fault
tolerance in case the routers become inaccessible because of a network failure. This
is because you can configure a modem on the auxiliary or asynchronous port of the
terminal server, allowing dialup connectivity to the terminal server and thus to each
router that the terminal server is connected to.
In the lab, the terminal server will be the single point
from which you may access all other lab routers through reverse telnet.
Reverse Telnet
Most Telnet connections are considered forward
connections, or connections accepted into a line or interface. Reverse Telnet means
that the Telnet session is initiated out of the line (like an asynchronous line)
instead of accepting a connection into the line. Thus, reverse Telnet allows you to
Telnet out from a device that you are Telnetting to, but on a different interface,
such as an asynchronous port. For example, the terminal server has a LAN (Ethernet) IP
address of 10.160.8.1. If you want to connect to R1 on asynchronous line 2001, you
would issue the following command from the terminal server:
Termserver#telnet 10.160.8.1 2001
Essentially, you are telling the router to connect to its
own Ethernet 0 IP address of 10.160.8.1 via Telnet but to initiate the connection out
line 2001. This will be a fundamental part of the lab exercises, so let's demonstrate how this is done.
In the lab, you will do reverse Telnet using an IP address
assigned to a loopback interface. Loopback addresses are preferred because they are
virtual and thus always available. For reverse Telnet to work, the interface that is
used must be up and the line protocol must be up. Because of this, using a loopback
interface is advantageous because it never goes down, as opposed to an Ethernet
interface, which might go down and prevent reverse Telnet from working.
Terminal Server Configuration
Now that you have an understanding of how the terminal
server is physically connected and how reverse Telnet functions, it's time to examine
how to configure the terminal server.
The steps to configure the terminal server are as follows:
Step 1 Create a loopback interface.
Step 2 Assign an IP address to the loopback interface.
Step 3 Allow Telnet as a transport across asynchronous lines 1 to 16.
Step 4 Create a host table that maps a router's host name (such as R1,
R2, and so on) to the asynchronous line it is connected to on the terminal server (such as 2001, 2002, and so on).
Steps 1 and 2: Creating a Loopback Interface and Assigning an IP Address
Begin by creating the loopback interface from global
configuration mode. Going into interface configuration mode for the loopback 0
interface creates the loopback interface and brings up the interface, as highlighted
in Example 11. You can assign the interface any number in the range of 0 to
2147483647. Use loopback 0 and assign it an IP address of 192.168.10.10 with a mask of
255.255.255.0, as shown in Example 10.
Example 10 - Creating loopback 0 and Assigning It an IP Address
Termserver(config)#
Termserver(config)#interface loopback0
Termserver(config-if)#
%LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback0, changed state to up
Termserver(config-if)#
%LINK-3-UPDOWN: Interface Loopback0, changed state to up
Termserver(config-if)#ip address 192.168.10.10 255.255.255.0
Exit interface configuration mode by doing a CTRL-Z and do a
show running-config
to show how this interface now appears in the output in Example 11.
Example 11 - loopback0 Interface as It Appears in Running-Config After Creation
Termserver(config-if)#^Z
Termserver#show running-config
Current configuration:
!
version 11.2
service password-encryption
no service udp-small-servers
no service tcp-small-servers
!
hostname Termserver
!
enable password 7 0200055708090132
!
interface Loopback0
ip address 192.168.10.10 255.255.255.0
!
You can also do a
show interface loopback0 to verify that the loopback interface is up and has the correct IP address, as in Example 12.
Example 12 - show interface loopback0 Command Output Verifies Interface Status and IP Address
Termserver#show interface loopback0
Loopback0 is up, line protocol is up
Hardware is Loopback
Internet address is 192.168.10.10/24
MTU 1514 bytes, BW 8000000 Kbit, DLY 5000 usec, rely 255/255, load 1/255
Encapsulation LOOPBACK, loopback not set, keepalive set (10 sec)
Last input never, output never, output hang never
Last clearing of "show interface" counters never
Queueing strategy: fifo
Output queue 0/0, 0 drops; input queue 0/75, 0 drops
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
0 packets input, 0 bytes, 0 no buffer
Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
0 packets output, 0 bytes, 0 underruns
0 output errors, 0 collisions, 0 interface resets
0 output buffer failures, 0 output buffers swapped out
Termserver#
Step 3: Allowing Telnet as a Transport Across Asynchronous Lines 1 to 16
Now that the loopback 0 interface is created, you need to
ensure that the asynchronous lines allow Telnet to traverse the lines.
This is done using the
transport input x command, where
x is the protocol that you want to allow, such as
Telnet. The command allows the granularity of permitting only certain protocols to
cross the asynchronous lines. The allowed protocols are shown using context-sensitive
help, as demonstrated in Example 13.
Example 13 - Available Protocols Configurable for Transport Across the Asynchronous Lines
Termserver(config)#line 1 16 |
Termserver(config-line)#transport input ? |
all |
All protocols |
lat |
DEC LAT protocol |
mop |
DEC MOP Remote Console Protocol |
nasi |
NASI protocol |
none |
No protocols |
pad |
X.3 PAD |
rlogin |
Unix rlogin protocol |
telnet |
TCP/IP Telnet protocol |
v120 |
Async over ISDN |
Termserver(config-line)#transport input |
In the lab, you will do a
transport input telnet to allow Telnet to cross the lines.
Enter line configuration mode for asynchronous lines 1 through 16. To do this, type
line 1 16 from privileged EXEC mode.
NOTE: In the lab, you are really
concerned with only Lines 1 to 7 (2001 to 2007) because they are the only asynchronous
lines that have routers connected to them. However, because a Cisco 2511 has two
asynchronous interfaces, 16 lines total are available (8 per asynchronous interface) for configuration.
Upon entering line configuration mode, allow all protocols to be transported across the lines, as shown in Example 15.
Example 14 - Allow All Protocols to Cross the Asynchronous Lines
Termserver(config)#line 1 16
Termserver(config-line)#transport input telnet
Termserver(config-line)#^Z
Step 4: Creating a Host Table That Maps a Router's Host Name to the Asynchronous Line to Which It Is Connected on the Terminal Server
At this point, the terminal server is configured and should be functional; however, as a timesaver, you will create a host table that maps
the router name to the loopback 0 interface and then specify the asynchronous port out which to initiate the reverse Telnet session. This is done using the
ip host command. The
ip host command is a static DNS entry used by the router. The router will translate
"R1" to 192.168.10.10 port 2001. When this host table is completed, you will access each router by typing the host name of the router. For example, typing
R1
initiates a reverse Telnet session out asynchronous line 1 (2001). Create the table from global configuration mode as shown in Example 15.
Example 15 - Creating IP Host Table for Reverse Telnet
Termserver#config t
Enter configuration commands, one per line. End with CNTL/Z.
Termserver(config)#ip host r1 2001 192.168.10.10
Termserver(config)#ip host r2 2002 192.168.10.10
Termserver(config)#ip host r3 2003 192.168.10.10
Termserver(config)#ip host r4 2004 192.168.10.10
Termserver(config)#ip host r5 2005 192.168.10.10
Termserver(config)#ip host r6 2006 192.168.10.10
Termserver(config)#ip host cat19 2007 192.168.10.10
Termserver(config)#
Saving and Testing the Terminal Server Configuration
Exit back to global configuration mode by doing a CTRL-Z and then save the configuration. Next, test reverse Telnet functionality by typing
R1 from user EXEC or privileged EXEC mode, as shown in Example 16.
Example 16 - Successful Reverse Telnet to R1
Termserver#^Z
Termserver#copy running startup
Building configuration...
[OK]
Termserver#r1
Trying r1 (192.168.10.10, 2001)... Open Hit enter key
Router>
You can see from Example 16 that the terminal server
initiates a connection to R1. It does this by connecting to its own loopback 0 address
of 192.168.10.10 (via Telnet) and then redirecting the connection out asynchronous
port 2001. Because the Telnet connection is "redirected," it is referred to a reverse
Telnet connection. Next, hit the Enter key to get the
Router> prompt.
R1's console port is connected to asynchronous line 1 (port 2001) of the
terminal server. By hitting the Enter key, you are placed into R1's user EXEC mode. At
this point, give the router a host name of R1 to avoid confusion about which router
you are connected to. Change the host name to R1, and save the changes, as shown in Example 17.
Example 17 - Hostname Changed from Router to R1
Router>enable
Router#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#hostname R1
R1(config)#^Z
R1#copy running startup
Building configuration...
[OK]
R1#
To get back to the terminal server,
type Ctrl-Shift-6, x from R1, as in Example 18.
Example 18 - Return to the Terminal Server via the Escape Sequence
R1#Ctrl-Shift-6, x
Termserver#
Upon doing the escape sequence (
Ctrl-Shift-6, x),
notice that you have been returned to the terminal server, as shown by the change from
the
R1# prompt to the
Termserver# prompt in Example 18.
Connecting, Disconnecting, and Verifying Reverse Telnet Sessions
From the terminal server, you can view active reverse Telnet connections by doing
show sessions as in Example 19.
Example 19 - Established Sessions on the Terminal Server
Termserver#show sessions
Conn Host Address Byte Idle Conn Name
* 1 r1 192.168.10.10 0 3 R1
Termserver#
When a reverse Telnet session is established, the session
is given a connection number. The asterisk preceding the connection number indicates
that the session is active, as highlighted in Example 19.
To return to an active session, you can simply enter the
connection number. Upon seeing the message
[Resuming connection 1 to R1 ... ],
press the Enter key and you are taken to R1, as demonstrated in Example 20.
Example 20 - Resuming an Active Reverse Telnet Session Using the Connection Number
Termserver#1
[Resuming connection 1 to r1 ... ]
Hit Enter key
R1#
Occasionally, when initiating the reverse Telnet session, the connection might be refused and you will
not be able to get into a router; you will see a message as shown in Example 21.
Example 21 - Reverse Telnet Session Refused by Remote Host
Termserver#r1
Trying r1 (192.168.10.10, 2001)...
% Connection refused by remote host
Termserver#
When the connection is refused, you need to clear the asynchronous line and attempt the reverse Telnet again.
This is done by doing a
clear line 1, confirming the request by pressing Enter,
and then entering
r1 to reinitiate the reverse Telnet connection, as shown in Example 22.
Example 22 - Clearing the Asynchronous Line 1 After a Connection Is Refused and Reinitiating the Reverse Telnet Connection
Termserver#r1
Trying r1 (192.168.10.10, 2001)...
% Connection refused by remote host
Termserver#clear line 1
[confirm]
[OK]
Termserver#r1
Trying r1 (192.168.10.10, 2001)... Open
R1>
TIP: You might need to clear the line a few times before it completely clears.
You have now successfully connected to R1 through reverse Telnet.
Return to the terminal server from R1 using
Ctrl-Shift-6, x. Execute a
show sessions
command on the terminal server to display that connection 1 is an established reverse Telnet session to R1. To disconnect a
previously established reverse Telnet session, you can enter
disconnect and the connection number,
and then hit Enter to confirm the disconnect, as shown in Example 23.
Example 23 - Disconnecting an Established Reverse Telnet Session
R1>
Termserver#show sessions
Conn Host Address Byte Idle Conn Name
* 1 r1 192.168.10.10 0 0 R1
Termserver#disconnect 1
Closing connection to r1 [confirm]
Termserver#
Now if you do a
show sessions on the terminal server, as demonstrated in Example 24,
you can see that the reverse Telnet session to R1 was disconnected.
Example 24 - No Active Reverse Telnet Session After Doing a Disconnect
Termserver#show sessions
% No connections open
Termserver#
To finish, set up a reverse Telnet connection to each of the lab devices, R1 through R6. First, you'll connect to
each router by typing the router's host name, hitting Enter, and then entering the escape sequence
Ctrl-Shift-6, x
to get back to the terminal server to repeat the process for the next router (see Example 25).
Example 25 - Setting Up a Reverse Telnet Session to Each Lab Router
Termserver#r1
Trying r1 (192.168.10.10, 2001)... Open
R1>
Termserver#r2
Trying r2 (192.168.10.10, 2002)... Open
Router>
Termserver#r3
Trying r3 (192.168.10.10, 2003)... Open
Router>
Termserver#r4
Trying r4 (192.168.10.10, 2004)... Open
Router>
Termserver#r5
Trying r5 (192.168.10.10, 2005)... Open
Router>
Termserver#r6
Trying r6 (192.168.10.10, 2006)... Open
Router>
Termserver#
Notice in Example 25 that the reverse Telnet session is successful because the connection shows
Open
and you are taken to the router prompt of each respective device. R1 is the only router with a configured host name because
it is the only router that you have configured with a host name so far. Thus, the remaining routers take you to the
Router> prompt.
NOTE: Individual host names for the remaining routers will be configured later, "General Router Configurations."
Reverse Telnetting to the Catalyst Switch
Next, establish a reverse Telnet session to the Catalyst 1900 switch by entering
cat1900 and pressing Enter, as shown in Example 26.
Example 26 - Setting Up a Reverse Telnet Session to the Catalyst Switch
Termserver#cat1900
Trying cat1900 (192.168.1.3, 2007)... Open
-------------------------------------------------
Catalyst 1900 Management Console
Copyright (c) Cisco Systems, Inc. 1993-1997
All rights reserved.
Ethernet address: 00-C0-1D-80-C7-5E
-------------------------------------------------
1 user(s) now active on Management Console.
Enter password:
Termserver#
Now from the terminal server, do a
show sessions and notice that each reverse Telnet session has been assigned a connection number (see Example 27).
Example 27 - Connections Numbers Assigned to Each Lab Device
Termserver#show sessions
Conn HostAddress Byte Idle Conn Name
1 r1 192.168.10.10 0 0 R1
2 r2 192.168.10.10 0 0 r2
3 r3 192.168.10.10 0 0 r3
4 r4 192.168.10.10 0 0 r4
5 r5 192.168.10.10 0 0 r5
6 r6 192.168.10.10 0 0 r6
v7 cat1900 192.168.10.10 0 0 cat1900
From this point on, when configuring lab devices, you can access each device by simply entering the connection number associated with the device from the terminal server (that is,
1 to access R1,
2to access R2, and so on).
Summary
You have now successfully completed the configuration of the terminal server. Table 1 summarizes the commands to maneuver
between the terminal server and the lab routers, as well as manage reverse Telnet connections on the terminal server.
Table 1 - Study Guide Command Summary
Command
|
Purpose
|
show sessions
|
Displays all open sessions
|
disconnect connection #
|
Disconnects the desired connection
|
clear line line #
|
Clears the desired asynchronous line
(1 to 16, where 1 = 2001, 2 = 2002 and so on)
|
Ctrl-Shift-6, x
|
Escapes the current session and returns to the terminal server
|
line 1 16
|
Enters line configuration mode for asynchronous lines 1 through 16 on the terminal server
|
line vty 0 4
|
Enters line configuration mode for vty lines 0 through 4
|
transport input protocol
|
Defines what protocols are allowed across the asynchronous or vty lines
|
ip host [hostname] [port] [ip-address]
|
Adds an entry to the IP host name table
|
copy running-config startup-config
|
Copies the running configuration to the startup configuration
|
Top