Reverse telnet.

Hi folks,

the topic maybe has been discussed over and over but since I can not get my 877 accessing to a 837 through reverse telnet I'm here to ask your help.

---------- 877 CONF ------------ [CUT] ! interface Loopback0 ip address 1.1.1.1 255.255.255.255 end [CUT] ip host R1 2001 1.1.1.1 [CUT] line con 0 no modem enable transport preferred none line aux 0 modem InOut no exec transport input all transport output all stopbits 1 line vty 0 4 login authentication AAALOGIN ! [CUT]

--------------------------------

----------- 837 CONF -----------

line con 0 exec-timeout 120 0 no modem enable transport preferred telnet line aux 0 line vty 0 4

---------------------------------

and then no way to access

R877#telnet R1 Trying R1 (1.1.1.1, 2001)... Open

User Access Verification

Username: ciccio Password:

(no way to go on)

the only way to exit is to do CTRL + SHIFT + 6 nd then "x"

I read a lot of documentation on router with two CON ans AUX separate but never with those router with only one port being used as either a CONSOLE port or an AUX.

Any advices? I'm getting crazy..... Thanks in advance.

Alex

Reply to
Axl
Loading thread data ...
  1. Which 877 port (con/aux) is connected to which 837 port (con/aux) ?

  1. Post the output of "show line" from the 877

Reply to
Merv

I see that the 877 has a console port and a VIRTUAL aux port

Is a null modem cable being used ???

877 console port pin outs

RJ-45 Pin Function

1 RTS 2 DTR 3 TXD 4 GND 5 GND 6 RXD 7 DSR 8 CTS

837 console port pin outs

RJ45 Pin Function

1 RTS 2 DTR 3 TXD 4 GND 5 GND 6 RXD 7 DSR 8 CTS

Rj45-to-RJ45 null modem cable

RJ45 plug 1 RJ45 plug 2 Function

1 8 CTS CTS
Reply to
Merv

Merv wrote:

Sorry Merv I forgot to mention:

the 837 has to be reached through its console port whilst the 877 does the reverse telnet. Basically the 877 acts as minicom/teraterm/hyperterminal.

Here it is:

R877#sh line Tty Typ Tx/Rx A Modem Roty AccO AccI Uses Noise Overruns Int

  • 0 CTY - - - - - 0 21 256408245/0 - 1 AUX 9600/9600 - inout - - - 31 0 0/0 -
  • 2 VTY - - - - - 39 0 0/0 - 3 VTY - - - - - 7 0 0/0 - 4 VTY - - - - - 0 0 0/0 - 5 VTY - - - - - 0 0 0/0 - 6 VTY - - - - - 0 0 0/0 -

and after having cleared the console line (don't know why it was "busy")

R877#sh line Tty Typ Tx/Rx A Modem Roty AccO AccI Uses Noise Overruns Int 0 CTY - - - - - 0 22 256426609/0 - 1 AUX 9600/9600 - inout - - - 31 0 0/0 -

  • 2 VTY - - - - - 39 0 0/0 - 3 VTY - - - - - 7 0 0/0 - 4 VTY - - - - - 0 0 0/0 - 5 VTY - - - - - 0 0 0/0 - 6 VTY - - - - - 0 0 0/0 -

now it's still not working. What I can say is that it seems that by doing "telnet R1" the telnet is done against the 877 itself but I don't know why since there should no service avaialble on port 2001 (reverse telnet apart) I Say that because I get authenticated with the username that are stored in the local database and I'm rejected or authenticated on the basis of the username being in the local store. Maybe it's better to post the entire conf:

------------------------------------------------------------------------------- ! ! Last configuration change at 14:37:49 UTC Sun Aug 19 2007 by ciccio ! NVRAM config last updated at 14:37:54 UTC Sun Aug 19 2007 by ciccio ! version 12.4 no service pad service timestamps debug datetime msec service timestamps log datetime msec service password-encryption ! hostname R877 ! boot-start-marker boot-end-marker ! enable secret 5 $1$VnrW$4LsJuw0duph4lAv.9BE0l0 ! aaa new-model ! ! aaa authentication login AAALOGIN local ! ! aaa session-id common ip cef ! ! ! ! ip ftp username anonymous ip ftp password 7 14140004020A330B28213F39271B061B0E044479564A no ip domain lookup ip domain name cisco.com ip host R1 2001 1.1.1.1 ip ssh version 2 ! multilink bundle-name authenticated ! crypto pki server 1st_server issuer-name cn=R877-1,ou=miacasa,o=ciccio shutdown ! ! ! ! username macuz secret 5 $1$W4Hc$5HJkp/hFKQ97kI8DYCf201 username cassini secret 5 $1$AGQp$NWoB9NCAyr1tREH5RJiYO1 ! ! ! crypto gdoi group MY_GDOI_GROUP identity number 12973 server local rekey retransmit 10 number 2 authorization address ipv4 99 sa ipsec 1 ! Incomplete ! Profile is not configured ! Match address is not configured match address ipv4 199 replay counter window-size 64 address ipv4 1.1.1.1 ! ! crypto identity ciccio ! ! ! ! interface Loopback0 ip address 1.1.1.1 255.255.255.255 ! interface ATM0 no ip address shutdown no atm ilmi-keepalive pvc 8/35 pppoe-client dial-pool-number 1 ! dsl operating-mode auto hold-queue 224 in ! interface FastEthernet0 ! interface FastEthernet1 ! interface FastEthernet2 ! interface FastEthernet3 ! interface Vlan1 ip address 192.168.165.253 255.255.255.0 ! ip route 0.0.0.0 0.0.0.0 192.168.165.254 ! ! ip http server no ip http secure-server ! ! ! ! radius-server local nas 192.168.165.254 key 7 104D000A061843595F user pippo nthash 7

0871696C2D4A2332302F2E5D7D790671176C034251422156047F0B01052B504C47 user mac nthash 7 072D731B16583B244F472A2F537F7B010B616D74445342215106000D0A0D58504F ! radius-server load-balance method least-outstanding ! control-plane ! alias exec start tclsh hw.tcl ! line con 0 no modem enable transport preferred none line aux 0 modem InOut no exec transport input all transport output all stopbits 1 line vty 0 4 login authentication AAALOGIN ! scheduler max-task-time 5000 ntp logging ntp clock-period 17175089 ntp source Vlan1 ntp server 129.132.2.21 end

-------------------------------------------------------------------------------

This a router for testing so the conf is a little bit messy :-)

Thanks in advance Merv.

Alex

Reply to
Axl

Good question:

I'm using a rollover cable with 2 RJ45 plugs (that with which you need an adapter from RJ45 to DB) and the cable coes from cisco.

Alessandro

Reply to
Axl

Good question:

I'm using a rollover cable with 2 RJ45 plugs (that with which you need an adapter from RJ45 to DB) and the cable coes from cisco.

Alessandro

Reply to
Axl

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.