Configuring a Cisco Access Server
Moving your console cable from one device to another can be time consuming. This lab will discuss and demonstrate configuration and verification of a Cisco terminal server such as a Cisco 2509, 2511 or the Cisco NM-16A/S and NM-32A/S
Real World Application:
This lab will teach you how to configure a Cisco Access Server which can be used to access all your Cisco Lab devices from a single point of administration.
Often times, many companies will utilize Access Servers for direct console access to a Cisco device in a network rack, this allows the remote administrator(s) to reload the router and examine the bootstrap dispatch as well as boot into ROM Monitor mode remotely for password recovery, image recovery and access control list configuration.
Lab Prerequisites
- Complete Lab 1.2 before attempting this lab or have a current Cisco console session open to the access server.
- Make sure that the Access Server Async Lines are connected to the respected devices. Example;
| Line Number | Device |
|---|---|
| 1 | Router 1 |
| 2 | Router 2 |
| 3 | Router 3 |
| 4 | Router 4 |
| 5 | Router 5 |
| 6 | Switch 1 |
| 7 | Switch 2 |
| 8 | Switch 3 |
Lab Objectives
- Assign a Hostname to the Access Server of your preference.
- Configure a Loopback interface to use for in reverse telnet sessions.
- Configure local ip host(s) for reverse telnet to the loopback interface on the correct lines that are plugged into their respective devices. See Lab Prerequisites for example.
- Prevent the Async lines from establishing an EXEC session with the access server.
- Configure the input transport protocol to Telnet on the Async lines.
- Optional – Prevent reverse telnet sessions on the Async lines from timing-out.
Lab Instruction
Step 1: Assign a Hostname to the Access Server of your preference.
Router>enable Router#configure terminal Enter configuration commands, one per line. End with CNTL/Z Router(config)#hostname Access_Server Access_Server(config)#
Step 2: Configure a loopback interface for use in reverse telnet sessions.
Access_Server(config)#interface loopback 0 Access_Server(config-if)#ip address 10.10.10.10 255.255.255.255 Access_Server(config-if)#exit Access_Server(config)#
Step 3: Configure local ip host(s) to utilize the loopback0 interface and the respected Async line for reverse telnet. To view the available line numbers on your platform issue the do show line command from global configuration.
Access_Server(config)#ip host r1 2001 10.10.10.10 Access_Server(config)#ip host r2 2002 10.10.10.10 Access_Server(config)#ip host r3 2003 10.10.10.10 Access_Server(config)#ip host r4 2004 10.10.10.10 Access_Server(config)#ip host r5 2005 10.10.10.10 Access_Server(config)#ip host r6 2006 10.10.10.10 Access_Server(config)#ip host sw1 2007 10.10.10.10 Access_Server(config)#ip host sw2 2008 10.10.10.10 Access_Server(config)#ip host sw3 2009 10.10.10.10
Step 4: Prohibit the async lines from establishing an EXEC session with the access server.
Access_Server(config)#line 1 16 Access_Server(config-line)#no exec
Step 5: Configure the transport input protocol on the async lines to Telnet.
Access_Server(config-line)#transport input telnet
Step 6: Optional – Prevent reverse telnet sessions on the Async lines from timing-out.
Access_Server(config-line)#exec-timeout 0 0 Access_Server(config-line)#end Access_Server#
After you have configured the device, be sure to test each and every line by typing in the hostname of the device you wish to establish a console session with.
Access_Server#r1
Trying r1 (10.10.10.10, 2001)… Open
% Please answer ‘yes’ or ‘no’.
Would you like to enter the initial configuration dialog? [yes/no]:
To exit this session use the key stroke combination Ctrl + Shift + 6 then X Executing this key stroke combination will take you back to your Access Servers CLI.
Access Server#r1
Trying r1 (10.10.10.10, 2001)... Open
% Please answer 'yes' or 'no'.
Would you like to enter the initial configuration dialog? [yes/no]:
Access Server#
You will have several commands available to you for trouble shooting and diagnostics. Such as the show host command shown below;
Access_Server#show host
Default domain is not set
Name/address lookup uses domain service
Codes: UN - unknown, EX - expired, OK - OK, ?? - revalidate
temp - temporary, perm - permanent
NA - Not Applicable None - Not defined
Host Port Flags Age Type Address(es)
r1 2001 (perm, OK) 0 IP 10.10.10.10
r2 2002 (perm, OK) 0 IP 10.10.10.10
r3 2003 (perm, OK) 0 IP 10.10.10.10
r4 2004 (perm, OK) 0 IP 10.10.10.10
r5 2005 (perm, OK) 0 IP 10.10.10.10
sw1 2006 (perm, OK) 0 IP 10.10.10.10
sw1 2007 (perm, OK) 0 IP 10.10.10.10
sw3 2008 (perm, OK) 0 IP 10.10.10.10
Access_Server#
Also another command available is the show session command. This command will display information about your current telnet sessions.
Access_Server#show session
Conn Host Address Byte Idle Conn Name
* 1 r1 10.10.10.10 0 3 r1
Access_Server#
You may often be required to clear an Async line because the line is already in use and when trying to establish a connection to a device may be refused as shown below;
Access_Server#r1
Trying r1 (10.10.10.10, 2001)...
% Connection refused by remote host
Access_Server#
To clear a line that a device is connected to, you must first know the line number which the device is connected to, this can be found out by doing the show host command as previously discussed. To clear an Async line, you will use the clear line tty xx. The example shown below is used to clear the Async line that r1 is connected to.
Access_Server#clear line tty 1
[confirm]
[OK]
Access_Server#
