[c-nsp] 2511 as console server - connection refused?

Mark Zipp mark.r.zipp at gmail.com
Sun Jun 10 20:16:42 EDT 2007


Here's an example of what we have for our 2511 ports. I'm not
completely sure if the session timeout/disconnect warning is working
yet, and haven't had the time to get to looking into it properly. I do
have sessions dropout, but that could be because of remote exec
timeouts, not because of this config. The idea behind doing was so
that idle telnet sessions to console ports eventually timeout,
regardless of whether the remote device supported timing out sessions
or not e.g. Ciscos do, other console ports on other devices might not.

For some devices that don't at all support any of the CTS/RTS/DTR/DSR
lines, just remove the "modem printer" line. On devices that do, it
stops the telnet connection suceeding if the device is switched off -
you get a "connect refused", which is much more useful that sitting
there thinking the device is still powered up but for some reason not
responding.

--
line 1
 session-timeout 60
 location --- <device description> ---
 access-class 1 in
 no exec
 session-disconnect-warning 600 message You'll be logged off in 10
minutes if you don't type something !
 modem Printer
 no history
 transport preferred none
 transport input telnet
 transport output none
 escape-character NONE
 telnet break-on-ip
 telnet speed 9600 9600
 stopbits 1
--


Here's a trick to avoid having to remember the TCP port numbers that
correspond to serial lines. Cisco console servers can perform TCP port
translation - an incoming TCP connection to port 23 to a particular IP
address on the console server is translated to the mapped serial line
TCP port. You can then put your console ports into DNS, and to an
extent, shift them around between different console servers without
the people using them knowing (limited to all the ports within the
subnet being announced, although pushing /32s into the routing cloud
for this specific purpose might be acceptable, allowing full console
server / serial device independence.)

--
interface Loopback0
 description --- "ip alias" subnet, announced into OSPF ---
 ip address 10.0.0.1 255.255.255.0
 ip ospf network point-to-point


ip alias 10.0.0.16 2015
ip alias 10.0.0.17 2016
ip alias 10.0.0.18 2017
ip alias 10.0.0.4 2003
ip alias 10.0.0.5 2004
ip alias 10.0.0.6 2005
ip alias 10.0.0.7 2006
ip alias 10.0.0.2 2001
ip alias 10.0.0.3 2002
ip alias 10.0.0.12 2011
ip alias 10.0.0.13 2012
ip alias 10.0.0.14 2013
ip alias 10.0.0.15 2014
ip alias 10.0.0.8 2007
ip alias 10.0.0.9 2008
ip alias 10.0.0.10 2009
ip alias 10.0.0.11 2010

router ospf 1
  passive-interface loopback0
  network 10.0.0.1 0.0.0.0 area 0.0.0.0
--

("ip ospf network point-to-point" is necessary to stop OSPF announcing
a /32 prefix length for the loopback interface, regardless of the
assigned subnet mask)

Regards,
Mark.

On 11/06/07, Simon Allard <simon.allard at maxnet.co.nz> wrote:
>
> >
> > Apologies for the partial hijaak, but I often have trouble connecting
> to
> > catalyst switches (2924, 3524, 2960) via one of the ports, but not to
> > routers.  Is there special syntax for the switches ?
>
> Nah shouldn't be. A Cisco console is a cisco console. Just make sure you
> are using a roll over cable.
>
>
> Here is my 2511 Config for my line's, which seem to work perfectly.
>
> line 1 16
>  access-class 21 in
>  modem InOut
>  no exec
>  transport input all
>  stopbits 1
>
>
>
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>


More information about the cisco-nsp mailing list