Connecting to Routers Remotely

Diesel423Diesel423 ■□□□□□□□□□ Posts: 7Member ■□□□□□□□□□
Quick Question.
At the insistence of the good lady indoors my Lab equipment is kept downstairs in the basement. I use a warmer room upstairs to study.
I have 2 seperate lab configurations set up downstairs. Without using the worlds 2 longest console cables, what is the easiest way to be able to configure them both from upstairs? Trawling other posts I have seen mention of using an access router, am I on the right lines here?
Thank you.
«1

Comments

  • dtlokeedtlokee Posts: 2,381Member
    Diesel423 wrote:
    I use a warmer room upstairs to study.

    This just indicates that you lab isn't lage enough yet to heat the basement, I suggest upgrading icon_wink.gif

    You will need some sort of access server, typically people use the 2509 or 2511 for this but there are others out there you can use. The 2509 can have up to 8 devices and the 2511 can have up to 16 devices connected to it.
    The only easy day was yesterday!
  • Diesel423Diesel423 ■□□□□□□□□□ Posts: 7Member ■□□□□□□□□□
    Thanks.

    On the cable coming from the access router (octal) do the RJ45 ends attach to the console ports of the routers as normal therefore allowing password recovery etc or do they have to be connected to an ethernet interface?
    Thanks again.
  • beezeebeezee ■■□□□□□□□□ Posts: 41Member ■■□□□□□□□□
    I think he's talking about trying to telnet to his lab from the internet while he's upstairs with his lab in the basement.

    I know it can be done but I haven't gotten to that point yet but its on my my list of things to do.
  • beezeebeezee ■■□□□□□□□□ Posts: 41Member ■■□□□□□□□□
    Diesel423 wrote:
    Thanks.

    On the cable coming from the access router (octal) do the RJ45 ends attach to the console ports of the routers as normal therefore allowing password recovery etc or do they have to be connected to an ethernet interface?
    Thanks again.

    You are correct. Each RJ-45 cable will go the the console port on each router/switch you have.
  • LOkrasaLOkrasa Posts: 343Member
    Diesel423 wrote:
    Thanks.

    On the cable coming from the access router (octal) do the RJ45 ends attach to the console ports of the routers as normal therefore allowing password recovery etc or do they have to be connected to an ethernet interface?
    Thanks again.

    Attach to the console port on each router.
  • LOkrasaLOkrasa Posts: 343Member
    dtlokee wrote:
    Diesel423 wrote:
    I use a warmer room upstairs to study.

    This just indicates that you lab isn't lage enough yet to heat the basement, I suggest upgrading icon_wink.gif

    Aint that the truth... I wish I had a seperate room for my lab. I cant stand sitting next to it even in the winter bc it gets sooo hot.
  • freetechfreetech Posts: 154Member
    If I understand the question, let me tell you what I did, which worked quite nicely.
    First set up the 2509 or 2511 access router.
    Once that is done and working, get an old computer (I used an old PII 200 IBM Thinkpad 770) and use it as a "console server".
    Hook up the old computer to the 2509 or 2511 via the console cable and verify that it works. Remember to give the old computer a static address. Then just connect remotely to the old computer via Windows built-in Remote Desktop Connection. You can use the Remote Desktop wirelessly too.
    It ain't fancy or expensive, but it worked great.
    Let me know if you have questions.
    Experience is a harsh teacher. She gives the test first, the lesson afterwards.
  • Diesel423Diesel423 ■□□□□□□□□□ Posts: 7Member ■□□□□□□□□□
    Thanks beezee, yes what I was thinking was maybe being able to connect from the P.C upstairs by means of telnet or similar to an access router downstairs to control the labs.
    Luckily when I moved in the place already had RJ45 sockets in each room connected to a central hub. Im assuming that I should be able to just connect the access router in to the basement wall jack and telnet to it from the P.C upstairs icon_confused.gif:
  • Diesel423Diesel423 ■□□□□□□□□□ Posts: 7Member ■□□□□□□□□□
    freetech wrote:
    If I understand the question, let me tell you what I did, which worked quite nicely.
    First set up the 2509 or 2511 access router.
    Once that is done and working, get an old computer (I used an old PII 200 IBM Thinkpad 770) and use it as a "console server".
    Hook up the old computer to the 2509 or 2511 via the console cable and verify that it works. Remember to give the old computer a static address. Then just connect remotely to the old computer via Windows built-in Remote Desktop Connection. You can use the Remote Desktop wirelessly too.
    It ain't fancy or expensive, but it worked great.
    Let me know if you have questions.

    icon_idea.gif Brilliant, got an old P.C that was about to be junked think i'll give that a go.

    Thanks for everyones help.
  • beezeebeezee ■■□□□□□□□□ Posts: 41Member ■■□□□□□□□□
    I'm sure there is a better way to do it and learn in the process. Talk to "itdaddy", He can access his entire home network from anywhere in the world.
  • freetechfreetech Posts: 154Member
    Again, let me know if you have questions.
    The most difficult part for me was getting the 2509 working as an access server. I have some good instructions if you need them.
    The old computer should have XP Pro or Win2k Pro. I'm not sure, but I don't think XP Home will work. If you use Win2k Pro, you'll need to download the Remote Desktop Connection software for Windows2000 Pro from Microsoft.
    Experience is a harsh teacher. She gives the test first, the lesson afterwards.
  • beezeebeezee ■■□□□□□□□□ Posts: 41Member ■■□□□□□□□□
    freetech wrote:
    If I understand the question, let me tell you what I did, which worked quite nicely.
    First set up the 2509 or 2511 access router.
    Once that is done and working, get an old computer (I used an old PII 200 IBM Thinkpad 770) and use it as a "console server".
    Hook up the old computer to the 2509 or 2511 via the console cable and verify that it works. Remember to give the old computer a static address. Then just connect remotely to the old computer via Windows built-in Remote Desktop Connection. You can use the Remote Desktop wirelessly too.
    It ain't fancy or expensive, but it worked great.
    Let me know if you have questions.

    That IS brilliant too. Never would have thought of doing that.
  • mikej412mikej412 Posts: 10,090Member
    Diesel423 wrote:
    Im assuming that I should be able to just connect the access router in to the basement wall jack and telnet to it from the P.C upstairs icon_confused.gif:
    Yep, that's the most common way.

    Once you have your access server configured and working when you telnet into it, you can then also make telnet shortcuts to each of your routers on your study pc pointing to the access server IP plus the port the line is configured on -- that gives you individual telnet windows to each of the remote routers console ports through the access server.

    The easiest way to remote access a home lab is to configure and use a VPN -- then it's just like when you're studying upstairs, even if you're halfway around the world.

    A PC in the basement directly attached to the access router's console port is your "backup" if you have a problem with your access server.
    :mike: Cisco Certifications -- Collect the Entire Set!
  • JohnDouglasJohnDouglas Posts: 186Member
    Anyone got a dunce's guide to setting up access servers?

    Just got my first bit of real kit to get some real experience. I have have a console connection to R1 then an octal cable from the asyn to the console of R2.

    I've wiped teh config on both routers so i'm starting from scratch.

    If there's a good article somewhere please let me know. I shall head off to continue my google searches now. Wish i had this stuff when i was studying ccna rather than virtual routers. I mean i spent 20 minutes wondering why the hyperterminal wouldn't work then realised the dongle needed a driver. doh!
  • dtlokeedtlokee Posts: 2,381Member
    You will need to do a bit of configuration on the lines, then you can telnet to them using reverse telnet.

    Depending on the model the line numbers will vary but for a 2509 it ill be:

    line 1 8
    no exec

    that's about it. I would also add some IP host statements using a bogus IP assigned to a loopback address

    interface loop 0
    ip address 1.1.1.1 255.255.255.255
    no shut
    !
    ip host R1 2001 1.1.1.1
    ip host R2 2002 1.1.1.1

    As you can see the way to access the router is using the reverse telnet line numbers (2000 + the line number) you can also do this from your computer with telnet (or whatever terminal programe you prefer)

    Telnet 192.168.1.1 2001

    Just use whatever IP you assigned to the ethernet inteface of the router (access server). Also if you want to connect to the devices from the outside world you will need a defaule route on the access server and configure port forwarding on your Internet router.
    The only easy day was yesterday!
  • freetechfreetech Posts: 154Member
    I feel your pain.
    Here is the link that I found most helpful in setting up the console server:

    http://mail.cynico.net/~hucke/network/notes-2511.html

    Some people call it a "console server". If you search Google or any search engine, "console server and Cisco 2509, 2511" will typicaly get you the best results.

    Let me know if I can help further.
    Experience is a harsh teacher. She gives the test first, the lesson afterwards.
  • mikej412mikej412 Posts: 10,090Member
    Check out Wildfire's post in this thread for a sample configuration. It includes access from a menu, which is handy when you are first starting out.

    Once you get the hang of the access server, then you'd probably just use the CLI (and open all your routers in a logical sequence so R1 is on line 1, R2 is on line 2, etc.) or use individual telnet sessions through the access server to the console ports of each router and switch (like they do in the CCIE Lab).
    :mike: Cisco Certifications -- Collect the Entire Set!
  • JohnDouglasJohnDouglas Posts: 186Member
    Excellent. Thanks for the responses guys. Time to sleep now but I'll be up to crack it first thing in the morning.
  • JohnDouglasJohnDouglas Posts: 186Member
    dtlokee wrote:
    You will need to do a bit of configuration on the lines, then you can telnet to them using reverse telnet.

    Depending on the model the line numbers will vary but for a 2509 it ill be:

    line 1 8
    no exec

    that's about it. I would also add some IP host statements using a bogus IP assigned to a loopback address

    interface loop 0
    ip address 1.1.1.1 255.255.255.255
    no shut
    !
    ip host R1 2001 1.1.1.1
    ip host R2 2002 1.1.1.1

    As you can see the way to access the router is using the reverse telnet line numbers (2000 + the line number) you can also do this from your computer with telnet (or whatever terminal programe you prefer)

    Telnet 192.168.1.1 2001

    Just use whatever IP you assigned to the ethernet inteface of the router (access server). Also if you want to connect to the devices from the outside world you will need a defaule route on the access server and configure port forwarding on your Internet router.

    Hmm, i've had a go but still the connection is refused by R1
    host#telnet 1.1.1.1 2001
    Trying 1.1.1.1, 2001 ...
    % Connection refused by remote host
    

    i'm probably missing something very obvious. will get back to it after a coffee.
  • JohnDouglasJohnDouglas Posts: 186Member
    EDIT - got it to work!

    Still not working. If anyone can tell me where my dumb mistake is please let me know.

    Here's running config of the console server:
    ConsoleServer#show run                      
    Building configuration                     
    
    Current configuration:                      
    ! 
    version 12.0            
    service timestamps debug uptime                               
    service timestamps log uptime                             
    no service password-encryption                              
    ! 
    hostname ConsoleServer                      
    ! 
    ! 
    ip subnet-zero              
    ip host R2 2002 1.1.1.1                       
    ip host R1 2001 192.168.10.10                             
    ! 
    ! 
    interface Loopback0                   
     ip address 192.168.10.10 255.255.255.0                                       
     no ip directed-broadcast                         
    ! 
    interface Ethernet0                   
     no ip address              
     no ip directed-broadcast                         
     shutdown         
    ! 
    interface Serial0                 
     no ip address              
     no ip directed-broadcast                         
     no ip mroute-cache                   
     shutdown         
    !
    interface Serial1
     no ip address
     no ip directed-broadcast
     shutdown
    !
    ip classless
    !
    !
    !
    line con 0
     transport input none
    line 1 8
     no exec
     international
     transport input all
    line 9 16
     transport input all
    line aux 0
    line vty 0 4
    !
    end
    

    Here's the running config of R1

    R1#show run           
    Building configuration...                         
    
    Current configuration:                      
    ! 
    version 12.0            
    service timestamps debug uptime                               
    service timestamps log uptime                             
    no service password-encryption                              
    ! 
    hostname R1           
    ! 
    ! 
    ip subnet-zero              
    ! 
    ! 
    interface Ethernet0                   
     no ip address              
     no ip directed-broadcast                         
     shutdown         
    ! 
    interface Serial0                 
     no ip address              
     no ip directed-broadcast                         
     no ip mroute-cache                   
     shutdown
    !
    interface Serial1
     no ip address
     no ip directed-broadcast
     shutdown
    !
    ip classless
    !
    !
    !
    line con 0
     transport input none
    line 1 8
     no exec
     transport input all
    line 9 16
    line aux 0
    line vty 0 4
     login
    !
    end
    

    Here's the output i get when i try to telnet from the console server to R1:
    ConsoleServer#R1
    Trying R1 (192.168.10.10, 2001)... Open
    
    R1#
    

    just noticed it actually bloody works! wooohooo. wtf does it suddenly work when i give up and post my woe on here! magic forum. oh, one significant problem i found earlier (not the reason it's suddenly worked now) is that the console server would be hard pressed to connect to R1 as it wasn't actually physically connected! i'd removed the octal connection to the console port and connected directly to R1 to play around with it. then i didn't replace teh octal connection again. think i'll push out my ccie lab by a couple of weeks eh.

    Other useful links.
    http://www.tech-recipes.com/cisco_router_tips719.html
    http://www.ciscopress.com/articles/article.asp?p=27650&seqNum=5&rl=1
  • networker050184networker050184 Mod Posts: 11,962Mod Mod
    Use the same IP address but different ports for all your routers. So for R2 use:

    ip host R2 2002 192.168.10.10
    An expert is a man who has made all the mistakes which can be made.
  • JohnDouglasJohnDouglas Posts: 186Member
    Will do networker. Not actually added a second router yet.

    BTW - Thanks for everyones help with this. glad i finally sorted it out. cheers.
  • freetechfreetech Posts: 154Member
    Hmm, i've had a go but still the connection is refused by R1
    Code:
    host#telnet 1.1.1.1 2001
    Trying 1.1.1.1, 2001 ...
    % Connection refused by remote host


    i'm probably missing something very obvious. will get back to it after a coffee

    If you just try to re-connect by opening a telnet session, it will just refuse the connection because it already has an open session going.
    It may have worked when you came back to it because the session on R1 timed out or you may have turned it off and then back on. Either of those things will break the session.

    The connection is typically refused by R1 becasue it already has a session open to the console server. Just do
    sh sessions
    
    on the console server to see open sessions. Then just type in
    resume 1
    
    or
    res 1
    
    to open session 1 and get back on R1.
    Experience is a harsh teacher. She gives the test first, the lesson afterwards.
  • JohnDouglasJohnDouglas Posts: 186Member
    freetech wrote:
    Hmm, i've had a go but still the connection is refused by R1
    Code:
    host#telnet 1.1.1.1 2001
    Trying 1.1.1.1, 2001 ...
    % Connection refused by remote host


    i'm probably missing something very obvious. will get back to it after a coffee

    If you just try to re-connect by opening a telnet session, it will just refuse the connection because it already has an open session going.
    It may have worked when you came back to it because the session on R1 timed out or you may have turned it off and then back on. Either of those things will break the session.

    The connection is typically refused by R1 becasue it already has a session open to the console server. Just do
    sh sessions
    
    on the console server to see open sessions. Then just type in
    resume 1
    
    or
    res 1
    
    to open session 1 and get back on R1.

    ah, i see. thanks for explaining that. i guess that's what happened.
  • beezeebeezee ■■□□□□□□□□ Posts: 41Member ■■□□□□□□□□
    I assume(thinking out loud) this could also work using a 2600 series with LAN/WAN interfaces (2611) and NM-16A 16 port Async Module.

    Configure WAN interface with dhcp/preferably static IP address from ISP, config LAN interface with a private range IP address, configure NAT overload. On the 2611, you would then go to "line vty 0 4" and set "transport input SSH". This will only allow secure shell connections which will be encrypted.
    So, from Cable/DSL modem to 2611 router, then using your octal cable to all other routers and switches. Load an appropriate IOS version that on the 2600 that is capable of SSH1 or SSH2.

    You would then be able to SSH directly into you router from anywhere in the world.

    Ok, it seems a bit tedious but it would be fun

    Back to Ebay for a NM-16A 16 port Async Module.
  • ravy2008ravy2008 ■□□□□□□□□□ Posts: 3Member ■□□□□□□□□□
    Hi Guys,

    I too am trying to set up the same configuration where all my equipment is downstairs and I would like to telnet/ssh (not RDP) to my computer via the internet or wireless network. I was able to establish a VPN connection as per instructions on this thread but after that what are the next steps?

    Any detailed help would be greatly appreciated. I have a terminal server (2511) connected to all my routers and switches. My laptop is connected to the terminal server and I have a VPN (XP Based) between my desktop and laptop.

    Thanks,
    Ravy
  • mikej412mikej412 Posts: 10,090Member
    ravy2008 wrote:
    I would like to telnet/ssh (not RDP) to my computer via the internet or wireless network.
    Is your computer a Linux System? If it isn't, then you'd need some to run a telnet server (or ssh server). And from there then you'd telnet into the access server?

    If you have a VPN to your network, you should just be able to telnet/ssh to the terminal server.

    If your VPN is host to host, then you need something like RDP or VPN to control the remote desktop -- unless you've configured both ends to route traffic.

    If you're sitting upstairs, then you should just be able to route through the wireless network to the access server down stairs (or RDP or VPN to the PC attached to the console of the terminal server).
    :mike: Cisco Certifications -- Collect the Entire Set!
  • eleguaelegua Posts: 282Member
    Hi Guys,

    The other way to do this is accessing the Access Server using SSH, if you want me to help you let me know, if you have a static IP at home will be better, if you have a dynamic IP the configuration will be a little different, this is what i have at home:


    Internet
    R1760
    AS2610
    LAB.


    Hope this help. icon_wink.gif icon_wink.gif
  • ravy2008ravy2008 ■□□□□□□□□□ Posts: 3Member ■□□□□□□□□□
    Hello,

    Yes can someone still assist me, it would be greatly appreciated.

    So here is my setup.

    1. Upstairs - Windows XP Professional 32 bit, internet connection and wireless router
    2. Basement - Windows XP Professional 32 bit w/ wireless card, 2511 access terminal and some switches.

    So what I would like to be able to do is from my upstairs computer, somehow be able to telnet into the 2511 and access my switches.

    I'm OK when it comes to computers however not that familiar with Cisco gear at all so any help is welcomed.

    Thanks,
    Ravy
  • dynamikdynamik ■■■■■■■■□□ Posts: 12,314Banned ■■■■■■■■□□
    You could setup a telnet server on your basement machine, or you could simply remote desktop to it as well. You could do more complex things like bridge the wireless and wired (which I assume you have) network connections in that machine as well.
Sign In or Register to comment.