  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1603

Reverse telnet setup

hello all, i am having difficulty in configuring a reverse telnet session between 2 cisco routers.

i have a Cisco 3825 router, which i will use as the aux 0 port. my settings for this port are as follows;

UK-VPN-RTR-3825-01#sh run | b line aux
line aux 0
 exec-timeout 0 0
 modem InOut
 transport preferred telnet
 transport input all
 transport output telnet ssh
 stopbits 1
 flowcontrol hardware

i then have a straight RJ45 network cable going from this router aux port, to the console port of the Cisco 2811 router which i would like to establish a reverse telnet session to.

as i understand it, i need to telnet to the ip address of the 1st router, and on port number 2000 + line number. i do a sh line command, the line number for the aux port is 1. so, i telnet as follows;

telnet 10.0.50.3:2001

nothing happens.

when i do a show line 1 on the aux router, i notice that the modem hardware state says - nocts. i believe this is not good.

please can someone help me?

thanks in advance
Asked by: L-Plate

woolmilkporc commented:
You must first create a loopback address, then telnet to this address using the port you mentioned (correctly):

UK-VPN-RTR-3825-01#config t
UK-VPN-RTR-3825-01(config)#int loopback 0
UK-VPN-RTR-3825-01(config-if)#ip address 10.0.50.33 255.0.0.0
UK-VPN-RTR-3825-01(config-if)#no shut
UK-VPN-RTR-3825-01(config-if)#exit

telnet 10.0.50.33:2001

IP address and mask are just examples!

L-Plate (author) commented:
hello buddy,

thanks for your help on this. I've configured a loopback interface on the router, and attempted the connection to the loopback interface on port 2001, but still no success.

I ran wireshark on my local pc, my pc sends out an initial TCP SYN packet to the loopback on port 2001, i then receive the next packet which comes from the IP address of the loopback interface, but it's a TCP RST packet, not a TCP SYN as expected.

i see this output on the router when doing a show line;

UK-VPN-RTR-3825-01#sh line 1
   Tty Line Typ     Tx/Rx    A Modem  Roty AccO AccI  Uses  Noise Overruns  Int
     1    1 AUX   9600/9600  - inout     -    -    -     0      0    0/0      -

Line 1, Location: "", Type: ""
Length: 24 lines, Width: 80 columns
Baud rate (TX/RX) is 9600/9600, no parity, 1 stopbits, 8 databits
Status: No Exit Banner, Modem Signals Polled
Capabilities: Hardware Flowcontrol In, Hardware Flowcontrol Out
  Modem Callout, Modem RI is CD
Modem state: Idle
Modem hardware state: noCTS noDSR  DTR RTS
Special Chars: Escape  Hold  Stop  Start  Disconnect  Activation
                ^^x    none   -     -       none
Timeouts:      Idle EXEC    Idle Session   Modem Answer  Session   Dispatch
                never         never                        none     not set
                            Idle Session Disconnect Warning
                              never
                            Login-sequence User Response
                             00:00:30
                            Autoselect Initial Wait
                              not set
Modem type is unknown.
Session limit is not set.
Time since activation: never
Editing is enabled.
History is enabled, history size is 20.
DNS resolution in show commands is enabled
Full user help is disabled
Allowed input transports are pad telnet rlogin lapb-ta mop udptn v120 ssh.
Allowed output transports are telnet ssh.
Preferred transport is telnet.
No output characters are padded
No special data dispatching characters
UK-VPN-RTR-3825-01#

thanks in advance.

woolmilkporc commented:
Looks good, basically.

I think you should try

transport preferred all
transport input all
transport output all

for the AUX line.

And try omitting the ":" (colon) in the telnet command parameter.

By the way, is the AUX line number indeed "1" ?

What do you see with "sh line" (without any parameter)?

wmp
 
L-Plate (author) commented:
hi wmp,

still no joy i'm afraid, i made the changes to the aux line you suggested, and also tried the telnet without the : between ip and port.

yes, aux is line number 1 in this case.

here are the relevant latest outputs;

line aux 0
 exec-timeout 0 0
 modem InOut
 transport preferred telnet
 transport input all
 transport output all
 stopbits 1
 flowcontrol hardware

UK-VPN-RTR-3825-01#sh line
   Tty Line Typ     Tx/Rx    A Modem  Roty AccO AccI  Uses  Noise Overruns  Int
     0    0 CTY              -    -      -    -    -     0      0    0/0      -
     1    1 AUX   9600/9600  - inout     -    -    -     0      0    0/0      -
*  578  578 VTY              -    -      -    -    5   113      0    0/0      -
   579  579 VTY              -    -      -    -    5     0      0    0/0      -
   580  580 VTY              -    -      -    -    5     0      0    0/0      -
   581  581 VTY              -    -      -    -    5     0      0    0/0      -
   582  582 VTY              -    -      -    -    5     0      0    0/0      -

Line(s) not in async mode -or- with no hardware support:
2-577


i get the following error when trying to telnet to it...

C:\Users\#############>telnet 9.9.9.9 2001
Connecting To 9.9.9.9...Could not open connection to the host, on port 2001: Con
nect failed

woolmilkporc commented:
Can you ping 9.9.9.9 ?

L-Plate (author) commented:
yep, i figured out what the issue was, i was using the wrong cable. i read a document that told me to use a STRAIGHT network cable. i thought this was a bit odd since we are connecting a router to another router. anyway, i have changed to a crossover cable, and i can now open the connection to 9.9.9.9 2001

i now have a different problem. i'm prompted for a username and password login prompt. it would be my guess that i should use the password assigned to the console port of the far end router which i am trying to reach. would that be right? anyway, the normal console password is not working, so i'm stuck at this point.

should i be using some other credentials to log in?

woolmilkporc commented:
Try adding

login local

to the AUX line definition.

L-Plate (author) commented:
strange, i think i'm nearly there, i've assigned login local to the aux 0 port of the 1st router.

i get a username and password prompt when i telnet to port 2001, but after i type the credentials, the screen just hangs and i don't see anything else.

i also made a normal telnet to the 1st router (router with aux 0 port) to check logged in users. here is what i saw...

UK-VPN-RTR-3825-01#sh users
    Line       User       Host(s)              Idle       Location
   1 aux 0     5Targat3   idle                 00:00:18 10.0.19.127
*578 vty 0     aidan.mcan idle                 00:00:09 10.0.19.127

so it kind of sees that i did log in to the aux 0 connection, but for some reason i don't see any output.

woolmilkporc commented:
I think you should try to go without "flowcontrol" and "stopbits" on AUX - after all, you don't use a modem but a loopback line!
Question has a verified solution.
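
An added example, not part of the original thread or written by its participants: a small Python check that takes the "sh line" table and the AUX stanza posted above, derives the reverse telnet port from the thread's rule (2000 + line number), and lists the line settings worth reviewing. The function names, the finding texts and the choice of checks are assumptions made for illustration; the sample input is constructed from the outputs quoted in the thread.

```python
import re

# Constructed sample input, copied from the outputs posted in the thread.
SHOW_LINE = """\
   Tty Line Typ     Tx/Rx    A Modem  Roty AccO AccI  Uses  Noise Overruns  Int
     0    0 CTY              -    -      -    -    -     0      0    0/0      -
     1    1 AUX   9600/9600  - inout     -    -    -     0      0    0/0      -
*  578  578 VTY              -    -      -    -    5   113      0    0/0      -
"""
AUX_STANZA = """\
line aux 0
 exec-timeout 0 0
 modem InOut
 transport preferred telnet
 transport input all
 transport output all
 stopbits 1
 flowcontrol hardware
"""
HW_STATE = "Modem hardware state: noCTS noDSR  DTR RTS"

ROW = re.compile(r"^\*?\s*(\d+)\s+(\d+)\s+(CTY|AUX|TTY|VTY)\b")

def reverse_telnet_ports(show_line):
    """TCP port per async line, using the thread's rule: 2000 + line number."""
    ports = {}
    for row in show_line.splitlines():
        m = ROW.match(row)
        if m and m.group(3) in ("AUX", "TTY"):  # only AUX/TTY rows are considered
            ports[int(m.group(2))] = 2000 + int(m.group(2))
    return ports

def audit_line(stanza, hw_state=""):
    """Findings for one 'line ...' stanza plus its 'show line N' hardware state."""
    cmds = {c.strip().lower() for c in stanza.splitlines()[1:] if c.strip()}
    findings = []
    if "transport input all" in cmds or "transport input telnet" in cmds:
        findings.append("cleartext telnet accepted on the reverse-telnet port")
    if "exec-timeout 0 0" in cmds:
        findings.append("idle sessions never time out")
    if not any(c.startswith("login") for c in cmds):
        findings.append("no login method set in the line stanza")
    if "flowcontrol hardware" in cmds and "nocts" in hw_state.lower():
        findings.append("hardware flow control on but CTS not asserted")
    return findings

if __name__ == "__main__":
    print(reverse_telnet_ports(SHOW_LINE))
    for finding in audit_line(AUX_STANZA, HW_STATE):
        print("-", finding)
```

The login check looks only at the line stanza itself, so a login method applied elsewhere in the configuration is not seen by it.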
