[Webinar] Streamline your web hosting managementRegister Today

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1079
  • Last Modified:

Basic configuration for using a 2611 as a front for a terminal server

I was thinking of using a 2611 (not a 2511) as kind of a front end for a terminal server using the 2611's AUX port. What I envision is logging into the 2611 through SSH and having the the input/output of the session redirected through through the AUX port. The AUX port would be connected to the control serial port of the terminal server (really just a selectable selectable serial ports connected to the console ports of the other devices). Setup looks something like this:


Remote access terminal (SSH-ethernet)
^
|
v
Cisco 2611 (SSH-e0/0-ethernet)
|
Cisco 2611 (AUX-serial)
^
|
v
Terminal server (Control serial port)
^^^^
| | | |
vvvv
Devices (Console serial ports)

I believe for the connection though the 2611 I'd need to use a reverse telnet connect (though I'm not sure how to do that).

I'm kinda clueless in how to set up the 2611 for this. Assuming that the router is used for no other purpose, what would the basic configuration file look like for the cisco 2611 to be able to do this?

Thanks.
0
1gtx
Asked:
1gtx
  • 8
  • 6
1 Solution
 
SouljaCommented:
Could you provide more detail of exactly what you are trying to accomplish?
0
 
1gtxAuthor Commented:
Pretty simple

1) Log into 2611 through the Ethernet connection using SSH
2) Then establish a connection to the 2611's AUX port
3) Communicate back and forth with another device's serial port

In summary, using the 2611 as a secure Ethernet front end for another device's serial port.

(there are other purposes as well, but this is the primary component)
0
 
kdearingCommented:
It sounds like you want to use this setup as a serial console server.

There are devies designed for this. BlackBox makes very good ones.
0
Never miss a deadline with monday.com

The revolutionary project management tool is here!   Plan visually with a single glance and make sure your projects get done.

 
1gtxAuthor Commented:
That's nice, but there are other reasons for going with this approach that is beyond the scope of the original question..

I don't think that this should be difficult to setup. Am I wrong?
0
 
kdearingCommented:
What you are trying to do will not work.

I assumed you were looking for a solution to controlling multiple serial devices remotely.
That is why I made the suggestion.
0
 
1gtxAuthor Commented:
I'm controlling another device that controls multiple other serial devices.

All I'm trying to do is connect through the 2611's ethernet port and talk back and forth through the 2611's AUX port (or even the console port) to another serial device.

So you're saying that you can't ssh into a 2611 and then continue the session through the Aux port using reverse telnet?

0
 
kdearingCommented:
To my knowledge, you cannot route or redirect your telnet session like that.
Since you asked, I've tried to do it (I have a couple 2610's)...unsuccessful.
0
 
1gtxAuthor Commented:
I've gotten it to work.

I telnet through a 2611's e0/0 and establish serial communications with a device connected to the 2611's AUX port. I can then select a device connected to that device, like a ASA 5505, and then continue the conversation with it (the 5505).

PC-->2611 e0/0-->2611 aux 0-->terminal server-->asa 5505  Bingo!

I'll post a config that works later today.
0
 
kdearingCommented:
That's great.
I'd be very interested in seeing the config.
0
 
1gtxAuthor Commented:
Sorry I haven;'t posted the config yet. I try to do it tomorrow
0
 
1gtxAuthor Commented:
I haven't forgotten-I've just been swamped
0
 
kdearingCommented:
No problem.
I am very curious to see the config.
0
 
1gtxAuthor Commented:
Sorry it took so long--I've been traveling a lot.

Here's a stripped down version of a config for a 2611 that works as I wanted.

It has a few special features:
1) you connect in using an ssh connection, telnet isn't authorized (be sure to issue the 'crypto key gen rsa gen mod 2048' to generate a key for use with ssh)
2) you connect into the ssh connection using a dedicated ip instead of selecting a standard port (192.168.1.36 vs 192.168.1.38 port 2065)

It works well. Just use something like putty and connect to 192.168.1.36 (default port) using ssh version 1 (version 2 not supported on 2611s) and after a short delay (1-3 secs) you'll be asked for your username (<username>) and password (<password>). You'll get a message like 'PASSWORD OK' and then you'll be connected out the aux port of the 2611 to whatever serial device you're connected to (at 9600 baud, 1 stop, even parity, no flow control).

Be aware that if you change the hostname of domain name you'll need to regenerate the keys for ssh using crypto.

Not very straight forward but it works great!
!
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname demo
!
boot-start-marker
boot-end-marker
!
enable secret 5 <suppressed>
!
username <username> privilege 15 secret 5 <suppressed>
no aaa new-model
ip subnet-zero
no ip cef
!
ip domain name demo.com
!
ip audit po max-events 100
ip ssh port 5001 rotary 1
!
 
interface Loopback0
 ip address 192.168.1.38 255.255.255.248
!
interface Ethernet0/0
 ip address 192.168.1.2 255.255.255.252
 full-duplex
!
interface Serial0/0
 no ip address
 shutdown
 no fair-queue
!
interface Ethernet0/1
 ip address 192.168.1.6 255.255.255.252
 full-duplex
!
!
no ip http server
no ip http secure-server
ip classless
ip route 0.0.0.0 0.0.0.0 192.168.2.1
ip alias 192.168.1.36 5001
!
line con 0
line aux 0
 no motd-banner
 no exec-banner
 exec-timeout 6 0
 session-limit 5
 login local
 rotary 1
 special-character-bits 8
 no exec
 transport preferred none
 transport input ssh
 transport output ssh
line vty 0 4
!
!
end

Open in new window

0
 
kdearingCommented:
I've got a 2610 I am going to try it out on.

As much time as I spend on this site and another like it helping other people, I enjoy coming across opportunities like this to learn new tricks.

Thanks,
0
 
1gtxAuthor Commented:
Let me know if you have issues.

I stripped the config down for security and simplicity reasons, but I got the master config working on multiple sites.

Quite useful from my standpoint.
0

Featured Post

The new generation of project management tools

With monday.com’s project management tool, you can see what everyone on your team is working in a single glance. Its intuitive dashboards are customizable, so you can create systems that work for you.

  • 8
  • 6
Tackle projects and never again get stuck behind a technical roadblock.
Join Now