?
Solved

2511 Console Server - Reverse telnet to console ports actually goes back to console server itself.

Posted on 2010-09-11
5
Medium Priority
?
998 Views
Last Modified: 2013-03-22
I have a 2511 that I configured and it was working fine.  Somewhere along the way I must have changed something that causes it to not work correctly.  I have 7 devices plugged in to ports 1-7, all of which I know work on the console port etc.  The issue is that when I issue a:

connect device and hit <enter>
or
connect lookback-address 2001 (or 2002, etc)

it actually connects me back to the Console server itself again.  I've changed the login message on the console server to confirm that it is in fact what I'm connecting to.

This did work so not sure what happened :(

I've attached the config.

Help very much appreciated!
Current configuration:
!
version 12.0
service config
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname xxxxxx
!
aaa new-model
aaa authentication login default local
aaa authentication enable default enable
aaa authorization exec default local
enable secret !
ip subnet-zero
no ip domain-lookup
ip host r2821a 2001 172.21.1.1
ip host r2821b 2002 172.21.1.1
ip host 3500a 2003 172.21.1.1
ip host 3500b 2004 172.21.1.1
ip host 5505a 2005 172.21.1.1
ip host apcnew1 2006 172.21.1.1
ip host apcold1 2007 172.21.1.1
ip host apcold2 2008 172.21.1.1
!
!
!
interface Loopback0
 ip address 172.21.1.1 255.0.0.0
 no ip directed-broadcast
!
interface Ethernet0
 ip address 10.9.9.251 255.255.255.0
 no ip directed-broadcast
 no ip mroute-cache
 no cdp enable
!
interface Serial0
 no ip address
 no ip directed-broadcast
 no ip mroute-cache
 shutdown
 no fair-queue
!
ip default-gateway 10.9.9.254
ip http server
ip classless
ip route 0.0.0.0 0.0.0.0 10.9.9.254
!
!
menu console_menu title ^CCC
       ========================================================
      Console Access Server
        ========================================================
        To disconnect a session, please press <CTRL><SHIFT>6 &
        enter X and then enter "18" to disconnect.

        Type a number to select an option;
        Type 17 to exit the menu.
        ========================================================
        ========================================================

        1.      R2821a          Console
        2.      R2821b          Console
        3.      3500a           Console
        4.      3500b           Console
        5.      1900a           Console
        6.      apc new         Console
        7.      apc old 1       Console
        8.      unused
        9.      unused
        10.     unused
        11.     unused
        12.     unused
        13.     unused
        14.     unused
        15.     unused
        16.     unused
        17.     Exit
        18.     Disconnect your present Serial connection

^C
menu console_menu command 1 connect 172.21.1.1 2001
menu console_menu command 2 connect 172.21.1.1 2002
menu console_menu command 3 connect 172.21.1.1 2003
menu console_menu command 4 connect 172.21.1.1 2004
menu console_menu command 5 connect 172.21.1.1 2005
menu console_menu command 6 connect 172.21.1.1 2006
menu console_menu command 7 connect 172.21.1.1 2007
menu console_menu command 8 connect 172.21.1.1 2008
menu console_menu command 9 connect 172.21.1.1 2009
menu console_menu command 10 connect 172.21.1.1 2010
menu console_menu command 11 connect 172.21.1.1 2011
menu console_menu command 12 connect 172.21.1.1 2012
menu console_menu command 13 connect 172.21.1.1 2013
menu console_menu command 14 connect 172.21.1.1 2014
menu console_menu command 15 connect 172.21.1.1 2015
menu console_menu command 16 connect 172.21.1.1 2016
menu console_menu command 17 menu-exit
menu console_menu command 18 disconnect
menu console_menu clear-screen
menu console_menu status-line
menu console_menu line-mode
menu console_menu single-space
snmp-server community public RO
snmp-server community ReadOnly RO
banner incoming ^CConsole Server^C
banner motd ^CHappy Today^C
!
line con 0
 exec-timeout 0 0
line 1 16
 session-timeout 20
 no exec
 exec-timeout 0 0
 transport input all
line aux 0
 transport preferred telnet
 transport input all
 speed 38400
 flowcontrol hardware
line vty 0 4
 exec-timeout 120 0
 autocommand menu console_menu
!
end

Open in new window

0
Comment
Question by:techeez
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
5 Comments
 
LVL 25

Expert Comment

by:Ken Boone
ID: 33654895
So could it be that your devices do not have a timeout on them, and when you connect into say the device on port 2002, that that device is actually telnetted back to the terminal server ???  Just throwing some ideas out.  Have you physically checked the cabling?
0
 
LVL 1

Author Comment

by:techeez
ID: 33654950
Thanks for the thoughts.

The thing is though that it's the same for all 7 ports... I know that this did work!  I haven't explicitly retested the cables since this stopped working but I can't imagine that all 7 cables would become defective at one.

For the timeout... 5 of them are cisco devices and then the other 2 are APC masterswitches.  I think given that it's not working for any that it's pretty much got to be something on the 2511.
0
 
LVL 22

Accepted Solution

by:
Jody Lemoine earned 2000 total points
ID: 33655497
From the sounds of it, you're just getting the router's authentication prompt rather than an actual connection back to the router.  If you use the connect command and enter valid credentials for the router when it appears to loop back, does it take you to the 2511's IOS prompt or does it connect you to the device on the serial line.  If it's the latter, you just need to disable authentication to the ports, assuming that you're relying on the devices' own authentication.

aaa authentication login reverse-telnet none
aaa authorization reverse-access reverse-telnet none
!
line 1 16
 login authentication reverse-telnet
 authorization reverse-access reverse-telnet
0
 
LVL 1

Author Closing Comment

by:techeez
ID: 33655710
Thanks... That took care of it!
0
 
LVL 1

Author Comment

by:techeez
ID: 33658081
So the solution was bang on... just to add in case it's helpful for someone else I just hadn't ever waitied long enough after logging in to see that it was just authenticating me first on the console server and THEN passing me through to the 'console port'  I'm still not clear on what I did to change this as it didn't do it previously but at least it's working!  Thanks a lot Jody.
0

Featured Post

Percona Live Europe 2017 | Sep 25 - 27, 2017

The Percona Live Open Source Database Conference Europe 2017 is the premier event for the diverse and active European open source database community, as well as businesses that develop and use open source database software.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Hi there, This article summarizes what you need if you are going to set up your home or small business Network Attached Storage (NAS) to be accessible from the internet. Of course there are configuration differences based on your NAS or router ma…
Getting hacked is no longer a matter or "if you get hacked" — the 2016 cyber threat landscape is now titled "when you get hacked." When it happens — will you be proactive, or reactive?
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Suggested Courses
Course of the Month12 days, 11 hours left to enroll

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question