Options

Remote Access to Lab

kevin31kevin31 Member Posts: 154
in CCNA & CCENT
Hi Guys

Anyone got any good Ideas on how I could access my lab remotley?

I have a 2509 access server which is connected to the rest of my lab (3 X 2600 and 2 X 2950's). What Id like to be able to do is to telnet into each device by via the access server over the internet?

Any ideas?

Thanks

Kev
LAB - 4 X 2651XM's 1 X 2620 3 X 2950 1 X 2509 AS 1 X 3550
· Share on FacebookShare on Twitter

Comments

  • Options
    tim100tim100 Member Posts: 162
    This depends. Is your internet connection a static IP or dynamic IP? Is it cable or DSL? Please give more details. As far as the configuration on the access server itself you can configure reverse telnet with the port beginning at 2000 + (line number).

    So if Router 1 is connected to line 1 and Router 2 is connected to line 2 it would look something like:

    ip host R1 2001 (IP address of access server)
    ip host R2 2002 (IP address of access server)

    The IP address does not have to be a loopback address on the access server as some documentation may suggest. It could be the IP address you assigned to the ethernet interface.

    Give me more details on your internet connection as far as the static IP or dynamic IP and what type of device is being used as the internet gateway and I can assist you in setting this up.
    · Share on FacebookShare on Twitter
  • Options
    kevin31kevin31 Member Posts: 154
    Its a cable connection with a UK ISP and a dynamic Ip address which rarley changes if it does I can get it again easy enough.

    Do you have the full config of how the 2509 would work?

    I have it working at the moment but connecting into the 2509 first then telneting accross to each device. Id like to be able to just telnet through the 2509 so I can have multiple telnet sessions open?

    I have a Smoothwall firewall running as the gateway so could could set port forwarding to the access server?
    LAB - 4 X 2651XM's 1 X 2620 3 X 2950 1 X 2509 AS 1 X 3550
    · Share on FacebookShare on Twitter
  • Options
    tim100tim100 Member Posts: 162
    kevin31 wrote: »
    Its a cable connection with a UK ISP and a dynamic Ip address which rarley changes if it does I can get it again easy enough.

    Do you have the full config of how the 2509 would work?

    I have it working at the moment but connecting into the 2509 first then telneting accross to each device. Id like to be able to just telnet through the 2509 so I can have multiple telnet sessions open?

    I have a Smoothwall firewall running as the gateway so could could set port forwarding to the access server?

    Configure port forwarding on the gateway to the access server.

    For the access server you can configure it as mentioned in the previous post and then create a username for each router. So let's say you configured:

    ip host R1 2001 (IP address of access server)
    ip host R2 2002 (IP address of access server)

    You would then configure:

    line vty 0 4
    login local

    Then:

    username R1 privilege 15 password (password)
    username R1 autocommand telnet R1
    username R2 privilege 15 passowrd (password)
    username R2 autocommand telnet R2

    You can then log into the access server with the username and it will bring you right to the console of the router.

    On your internal network however, you can telnet straight through the access server and to the console of the particular router by just telnetting to the access server and reverse telnet port number.
    · Share on FacebookShare on Twitter
  • Options
    mikej412mikej412 Member Posts: 10,086 ■■■■■■■■■■
    kevin31 wrote: »
    Id like to be able to just telnet through the 2509 so I can have multiple telnet sessions open?
    If you're port forwarding to get to the 2509, you'd have to open seperate telnet (the 2500s do support SSH Version 1) sessions to ultimately get each router console open in its own telnet window.

    If you were to use a VPN, then you'd be able to telnet to the 2509 and use the line number you wanted to connect to as the port number.
    :mike: Cisco Certifications -- Collect the Entire Set!
    · Share on FacebookShare on Twitter
  • Options
    kevin31kevin31 Member Posts: 154
    Thanks guys!

    below is the current config! I would like to be able to telnet in from the internet to each individual router/switch like mike said rather then telnetting to the 2509 then on from there.

    2509#sh run
    Building configuration...

    Current configuration:
    !
    version 11.2
    no service password-encryption
    no service udp-small-servers
    no service tcp-small-servers
    !
    hostname 2509
    !
    !
    ip host R1 2001 192.168.1.1
    ip host R2 2002 192.168.1.1
    ip host R3 2003 192.168.1.1
    ip host R4 2004 192.168.1.1
    ip host R5 2005 192.168.1.1
    ip host R6 2006 192.168.1.1
    !
    interface Loopback0
    ip address 192.168.1.1 255.255.255.255
    !
    interface Ethernet0
    no ip address
    shutdown
    !
    interface Serial0
    no ip address
    !
    interface Serial1
    no ip address
    !
    no ip classless
    !
    line con 0
    line 1 8
    transport input all
    line aux 0
    line vty 0 4
    login
    !
    end
    LAB - 4 X 2651XM's 1 X 2620 3 X 2950 1 X 2509 AS 1 X 3550
    · Share on FacebookShare on Twitter
  • Options
    mikej412mikej412 Member Posts: 10,086 ■■■■■■■■■■
    kevin31 wrote: »
    I would like to be able to telnet in from the internet to each individual router/switch like mike said rather then telnetting to the 2509 then on from there.
    Since you're running old 11.x IOS code on the (old and slow) 2509 (which could only support DES), I'd suggest you check out any VPN options you can configure with your Smoothwall firewall.

    Once you've got a secure VPN connection to your home network/home dmz, then you can either work on routing or moving/changing your 2509 config to use the Ethernet port.

    One other non-VPN option -- get a good Telnet/SSH Client with tabbed windows and/or macro capabilities have have it open multiple connections to the 2509 and automatically login to the 2905 and then connect to your individual lab routers.
    :mike: Cisco Certifications -- Collect the Entire Set!
    · Share on FacebookShare on Twitter
  • Options
    kevin31kevin31 Member Posts: 154
    mikej412 wrote: »
    Since you're running old 11.x IOS code on the (old and slow) 2509 (which could only support DES), I'd suggest you check out any VPN options you can configure with your Smoothwall firewall.

    Once you've got a secure VPN connection to your home network/home dmz, then you can either work on routing or moving/changing your 2509 config to use the Ethernet port.

    One other non-VPN option -- get a good Telnet/SSH Client with tabbed windows and/or macro capabilities have have it open multiple connections to the 2509 and automatically login to the 2905 and then connect to your individual lab routers.

    Thanks Mike!

    I now have this running IOS 12.0. Do you think I could just enable SSH and then just forward a SSH port to the IP its attached to?

    Also has anyone else had issues doing ctrl shift 6 + x to get from a router back to the 2509? It never works for me any ideas?

    The other issue I have is when I try access one of the devices such as r1 it fails but reboot the routers and it will work again? Is there anything on the remotes that needs to be configured in order for them to work?

    Thanks

    Kevin
    LAB - 4 X 2651XM's 1 X 2620 3 X 2950 1 X 2509 AS 1 X 3550
    · Share on FacebookShare on Twitter
Sign In or Register to comment.