terminal server

raijin199 · ‎01-27-2025

I have a Cisco router 2900 with a Cisco HWIC-16A 16 port Async interface card on the back that i plan to use to console into nearby switches in case they lose connectivity for an OOB solution.

I have tried many documentation regarding this setup and I cannot get this to work. What is the proper configuration for the ASYNC interfaces and what the command I need to use to console into those switches from my router?

liviu.gheorghe · ‎01-27-2025

Hello @raijin199 ,

You start by identifying the ASYNC lines in your equipment. Issue the show line command. You will get an output like this one:

TS_EVO>sho line
Tty Typ Tx/Rx A Modem Roty AccO AccI Uses Noise Overruns Int
0 CTY - - - - - 1 0 0/0 -
33 TTY 9600/9600 - - - - - 3 189227 0/0 -
34 TTY 9600/9600 - - - - - 5 19 2/0 -
35 TTY 9600/9600 - - - - - 15 3345 0/0 -
36 TTY 9600/9600 - - - - - 6 384 0/0 -
37 TTY 9600/9600 - - - - - 0 22 0/0 -
38 TTY 9600/9600 - - - - - 0 36315 1/0 -
39 TTY 9600/9600 - - - - - 0 23715 0/0 -
40 TTY 9600/9600 - - - - - 0 42802 0/0 -
41 TTY 9600/9600 - - - - - 0 0 0/0 -
42 TTY 9600/9600 - - - - - 0 0 0/0 -
43 TTY 9600/9600 - - - - - 0 0 0/0 -
44 TTY 9600/9600 - - - - - 0 0 0/0 -
45 TTY 9600/9600 - - - - - 0 0 0/0 -
46 TTY 9600/9600 - - - - - 0 0 0/0 -
47 TTY 9600/9600 - - - - - 0 0 0/0 -
48 TTY 9600/9600 - - - - - 0 0 0/0 -
65 AUX 9600/9600 - - - - - 0 0 0/0 -
* 66 VTY - - - - - 665 0 0/0 -
67 VTY - - - - - 21 0 0/0 -
68 VTY - - - - - 1 0 0/0 -
69 VTY - - - - - 0 0 0/0 -
70 VTY - - - - - 0 0 0/0 -
71 VTY - - 1 - - 3 0 0/0 -
72 VTY - - 2 - - 0 0 0/0 -
73 VTY - - 3 - - 2 0 0/0 -
74 VTY - - 4 - - 0 0 0/0 -
75 VTY - - 5 - - 0 0 0/0 -
76 VTY - - 6 - - 0 0 0/0 -
77 VTY - - 7 - - 0 0 0/0 -
78 VTY - - 8 - - 0 0 0/0 -
79 VTY - - - - - 0 0 0/0 -
80 VTY - - - - - 0 0 0/0 -
81 VTY - - - - - 0 0 0/0 -

Line(s) not in async mode -or- with no hardware support:
1-32, 49-64

Your ASYNC interfaces are those with TTY in the Typ column in my example I have 16 async lines raging from 33 to 48. Depending on the platform you use, async lines numbering can be different - adjust them to you situation.

To access a particular line, for example line 36, you must telnet to your 2900 router on a IP configured on the box and use port number 2000+line number. In our example you will use:

telnet <valid IP on the 2900> 2036

The configuration of the async lines are as follows (default for the Cisco console - 9600,8,N,1):

line 33 48
speed 9600

databits 8

parity none
transport input all
stopbits 1

On the vty lines, don't forget the transport input telnet ssh command in order to be able to access the router via telnet/ssh:

line vty 0 21

transport input telnet ssh

And that is all you have to configure to use the 2900 with HWIC-16A as a terminal server.

HTH

Regards, LG
*** Please Rate All Helpful Responses ***

raijin199 · ‎02-07-2025

ok, so i ran the commands that you posted and this is how my lines look.

What would be the command to check if I can console into the other switches from this console server(router).

Let me know if I need to make any changes

liviu.gheorghe · ‎02-07-2025

From the image you provided, I can see that your async interfaces range is 0/0/0 through 0/0/15 and those correspond to lines 3 through 18.

So first async interface, async 0/0/0, corresponds to line 3. If you connect this line to a console port of another device you want to manage and issue the following command from the terminal server:

telnet <any IP on the router> 2003

you will access the other device console port.

On the vty lines, don't forget the transport input telnet ssh command in order to be able to access the router via telnet/ssh.

HTH

Regards, LG
*** Please Rate All Helpful Responses ***

raijin199 · ‎02-07-2025

Will thisbwork even if those devices lose internet connectivity?

liviu.gheorghe · ‎02-07-2025

The connection you are trying to establish to the console port is called an "out-of-band" connection which means that it has nothing to do with being able to reach that equipment via the normal data path.

As long as you are able to reach the terminal server - telnet/ssh into it - you will be able to reach the managed device via console even if the managed device looses internet connectivity.

Regards, LG
*** Please Rate All Helpful Responses ***

raijin199 · ‎02-07-2025

i am trying to console into a connected switch from the console server with
the command you provided, but I am being asked for a password.

I am using the same password that I would use if I were to ssh into this
switch, but that didn't work. I also tried the same password of the
console server when I ssh and that does not work. I don't remember setting
any password for the tty lines. Do you have any ideas of which password
this is, or if I can set a new one in the tty line or is it console line.

Thanks in advance.

liviu.gheorghe · ‎02-07-2025

Can you share the anonymised config of the terminal server?

Regards, LG
*** Please Rate All Helpful Responses ***

raijin199 · ‎02-07-2025

^C

aaa authentication password-prompt Please_Enter_Your__■■■■■_Domain_password:

aaa authentication username-prompt Please_Enter_Your_■■■■■_Domain_username:

aaa authentication login default local

aaa authentication login management local enable

!

!

!

!

!

aaa session-id common

ethernet lmi ce

memory-size iomem 15

clock timezone CST -6 0

clock summer-time CDT recurring

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

line con 0

exec-timeout 330 0

line aux 0

exec-timeout 0 0

disconnect-character 122

modem InOut

no activation-character

terminal-type vt100

no exec

transport preferred none

transport input all

transport output lat pad telnet rlogin lapb-ta mop udptn v120 ssh

autohangup

stopbits 1

speed 38400

flowcontrol hardware

line 2

exec-timeout 0 0

disconnect-character 122

no activation-character

terminal-type vt100

no exec

transport preferred none

transport output lat pad telnet rlogin lapb-ta mop udptn v120 ssh

autohangup

stopbits 1

flowcontrol hardware

line 0/0/0

exec-timeout 15 0

disconnect-character 122

terminal-type vt100

transport preferred none

transport input telnet ssh

transport output none

autohangup

stopbits 1

line 0/0/1 0/0/15

exec-timeout 60 0

disconnect-character 122

terminal-type vt100

transport input telnet ssh

autohangup

stopbits 1

flowcontrol software

line vty 0 4

exec-timeout 720 0

privilege level 15

password ■■■■■■

transport input telnet ssh

line vty 5 15

exec-timeout 720 0

privilege level 15

password ■■■■■■

transport input telnet ssh

line vty 16 21

transport input telnet ssh

!

liviu.gheorghe · ‎02-08-2025

Despite the fact that you have a password configured on the vty0-15, this password will not be used because you have configured

aaa new-model

aaa authentication login default local

So when you telnet into the terminal server on port numbers 2003-2018, you will have to use the same username and password you defined local and that you usually use to telnet/ssh into the router.

HTH

Regards, LG
*** Please Rate All Helpful Responses ***

raijin199 · ‎02-10-2025

The target switch refuses the telnet connection, because it uses SSH. However when I try ssh <ip_address> 2010, it prompts me to put in a password but I get an error message

Line has invalid autocommand "2010"
[Connection to xx.xxx.xx.xx closed by foreign host]

liviu.gheorghe · ‎02-10-2025

"The target switch refuses the telnet connection, because it uses SSH"

Are you trying to connect to the target switch directly using telnet/ssh or are you trying to connect to it via the console port using the terminal server?

We have been talking here about the second option - connect to the target switch via the console port using the terminal server. If this is no longer the case, please advise.

Another question - from what device are you trying "ssh <ip_address> 2010"? I assume the <ip_address> is one of the valid IP addresses configured on the terminal server. Correct?

Regards, LG
*** Please Rate All Helpful Responses ***

raijin199 · ‎02-11-2025

Yes i am trying to connect to the switch using the command you provided
that is connected to the console server on the HWIC-16A interface. When I
put in the command you gave me I use the management IP address of the
switch in question. This is the same IP address that I would use if I was
trying to ssh into the switch remotely. I also use 2010 because I believe
that is the corresponding port that pertains to that switch.

liviu.gheorghe · ‎02-11-2025

Unfortunately you didn't understand what I wrote in my post. Let me explain it again.

The command is, like I wrote in the first post: telnet <valid IP on the 2900> <port number>

The idea is to telnet to an IP address on the terminal server - which you said in your post that it's a 2900 router HWIC-16A 16 port Async interface card.

The port number, like I wrote in my first post, is obtained by adding the number 2000 to the line number you are using and is connected to the console of the managed device. For example, if you are using the first line on the terminal server, that correspond to line 3. This can be seen in the output of the show line command which you provided in an earlier post. In this case the port number will be 2003.

So the command issued from your PC should be: telnet <IP address of the terminal server> 2003

this will connect you to the first async line on the terminal server which you will connect to the console port of the switch.

HTH

Regards, LG
*** Please Rate All Helpful Responses ***

raijin199 · ‎02-12-2025

I am using the command you wrote in the CLI of the console server to try
and connect to the switches, but it's being refused because the switches
are set up to only accept SSH.