Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
1994
Views
0
Helpful
5
Replies

OOB management with console port

tech
Level 1
Level 1

‎01-24-2005 10:14 AM

I would like to do the setup according to the doc - http://www.cisco.com/en/US/tech/tk801/tk36/technologies_tech_note09186a00800941c9.shtml

The only disadvantage I see is from the following excerpt from the article -

"Warning: Unprotected modems should not be connected to the console port. The console ports do not log users off when the carrier detect is lost, which can leave a security hole. To avoid this, use a secure modem, or connect via the AUX port. For more information on the advantages and disadvantages of connecting a modem to the Console port, refer to the Modem-Router Connection Guide."

I know I could set an exec-timeout of 1 minute but that would still leave a small window of time for security breaches if the line drops.

Could someone tell me a particular modem that has a password built into it to overcome this problem? What is the best security practice in this case?

I have setup modems before on the aux port, but you cannot access the router after reload if it boots into ROMMON mode for some reason.

Thanks,

RJ

Labels:
0 Helpful
5 Replies 5

jaregalado
Level 1
Level 1

‎01-28-2005 04:52 PM

Hi,

As a workaround you can try using an old junk PC with 2 serial ports, install Linux on that PC, connect via terminal session using the modem attached to serial COM1 (modem in autoanswer mode just like you're doing now), login with username/password on the Linux machine and then use a terminal emulation software like Minicom to open serial port COM2 to get the IOS prompt from the router.

Maybe this option is too much hassle for your application, but it won´t cost you a dime and is not really that difficult.

Regards.

0 Helpful

tech
Level 1
Level 1
In response to jaregalado

‎01-30-2005 09:46 PM

This is a good idea and I appreciate the post. Unfortunately I was thinking of doing this on several remote sites and do not have the PCs to spare even if I did go this route.

Thanks,

RJ

0 Helpful

tech
Level 1
Level 1
In response to jaregalado

‎01-30-2005 09:46 PM

This is a good idea and I appreciate the post. Unfortunately I was thinking of doing this on several remote sites and do not have the PCs to spare even if I did go this route.

Thanks,

RJ

0 Helpful

mlitka
Level 2
Level 2

‎03-19-2007 11:05 AM

I have experienced the same issue. I have a modem setup off my AUX port and wanted to see if I could get access to the router while it is in ROMMON via the modem connected to the AUX port. It doesn't appear to work. Are we just configuring this wrong or does ROMMON not support a modem connected to the AUX port? Anyone have any insight?

0 Helpful

tech
Level 1
Level 1
In response to mlitka

‎03-19-2007 12:02 PM

The aux port is not accesible until the IOS loads. Since the IOS boots after ROMMON mode you will never be able to access ROMMON from the aux port.

0 Helpful
Customers Also Viewed These Support Documents
Top