Monday, January 24, 2011

Access Server setup

I had been meaning to add my current setup config for my Access Server. Using an access server will allow you to access your network lab remotely from anywhere you have access to telnet. I even have a telnet program that works so-so for my Android phone and can access my lab from it.

I am using a Cisco 2509 for access server duties. So far it has been OK; that said, I do wish I had purchased a 2511 for the 8 additional ports.

I have an Ethernet transceiver attached to the AUI port running to my home router. On the home router I forward the telnet port to the static IP I have set on that port. The ip default-gateway statement in the 2509 config points to the home router.

The 2509 is the bottom router with the ethernet transceiver and octal cable plugged in.

My config:

Current configuration:
version 12.0
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug uptime
service timestamps log uptime
service password-encryption
hostname as
enable secret 5xxxxxxxxxxxxxxxxx
ip subnet-zero
no ip domain-lookup
ip host r1 2001
ip host r2 2002
ip host r3 2003
ip host r4 2004
ip host r5 2005
ip host s1 2006
ip host s2 2007
ip host s3 2008
ip domain-name

ip default-gateway
ip classless
ip route

line con 0
 session-timeout 35791
 exec-timeout 35791 0
 password 7 104C08xxxxxxxxxxxxx
 logout-warning 60
 absolute-timeout 10000
 transport input none
line 1 8
 session-timeout 35791
 no exec
 exec-timeout 35791 0
 absolute-timeout 10000
 no history
 transport input telnet
 stopbits 1
line aux 0
 transport preferred telnet
 transport input all
 speed 38400
 flowcontrol hardware
line vty 0 4
 exec-timeout 240 0
 password 7 060xxxxxxxxxxxxx
 transport input telnet
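
Added example (not part of the original post): with telnet forwarded from the home router to this box, the line blocks decide what a remote connection is offered. The Python check below parses blocks like the ones above and lists the settings worth reviewing; the sample text is constructed from this config with the password replaced by a placeholder, and the 30-minute idle threshold is an assumption.

```python
import re

# Constructed sample: remote-facing line blocks from the config above.
SAMPLE = """\
line 1 8
 no exec
 exec-timeout 35791 0
 transport input telnet
line aux 0
 transport input all
line vty 0 4
 exec-timeout 240 0
 password 7 PLACEHOLDER
 transport input telnet
"""

def parse_lines(config):
    """Return {line header: [sub-commands]} for each 'line ...' block."""
    blocks, current = {}, None
    for raw in config.splitlines():
        if raw.startswith("line "):
            current = raw.strip()
            blocks[current] = []
        elif raw.startswith(" ") and current:
            blocks[current].append(raw.strip())
        else:
            current = None  # back at global configuration level
    return blocks

def audit(config, max_idle_min=30):
    """Return sorted (line header, finding) pairs; thresholds are assumptions."""
    findings = []
    for header, cmds in parse_lines(config).items():
        for cmd in cmds:
            m = re.fullmatch(r"transport input (.+)", cmd)
            if m and {"telnet", "all"} & set(m.group(1).split()):
                findings.append((header, "cleartext telnet accepted"))
            if cmd.startswith("password 7 "):
                findings.append((header, "type 7 password is reversible"))
            m = re.fullmatch(r"exec-timeout (\d+)(?: \d+)?", cmd)
            if m and "no exec" not in cmds and int(m.group(1)) > max_idle_min:
                findings.append((header, f"idle timeout {m.group(1)} min"))
        if header.startswith("line vty") and not any(
                c.startswith("access-class ") for c in cmds):
            findings.append((header, "no access-class source filter"))
    return sorted(findings)

if __name__ == "__main__":
    print("\n".join(f"{h}: {f}" for h, f in audit(SAMPLE)))
```

The exec-timeout on lines 1 8 is skipped because no exec is set there, so the idle finding is reported only for the vty lines.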

In use, once logged into the access server, you just type the name you assigned to the numbered cable of the octal cable. For example, with ip host r1 2001, r1 is the name you have set and 2001 corresponds to the cable number (2001 = 1st, 2002 = 2nd, etc.).

Although I think there is a command that keeps this from happening, one may have to clear a line that has locked up from time to time. The command for that, from the Access server, is:

clear line tty 1

with "1" being the cable line you are attempting to clear. It will ask you to confirm.

Also want to add this info that was either sent to me or I found on the interwebz:

Hopefully this article will help you a bit in configuring your Cisco access server....
As your CCNA / CCNP home lab expands, an access server such as the Cisco 2509 or 2511 is one of the best investments you can make. In this article, we'll look at the basic configuration for an access server and discuss how to connect to the other routers and switches in your pod through the AS.
Here's part of a configuration from one of my access servers:
ip host FRS 2006
ip host SW2 2005
ip host SW1 2004
ip host R2 2002
ip host R1 2001
ip host R3 2003
interface Loopback0
ip address
no ip directed-broadcast
This is an IP Host table, and this is what makes the entire AS setup work. Your PC will connect to the access server, and the access server is in turn physically connected to your other routers and switches via an octal cable. One end of the octal cable splices off into eight separate cables, each terminated with an RJ-45 connector. That connector will be placed into the console port of one of your home lab devices. In this configuration, I have connector 1 connected to the console port of R1, connector 2 to R2, connector 3 to R3, connector 4 to Sw1, and so forth. (The connectors are physically numbered as well.)
The IP Host table entries here are linked to the loopback address shown. The loopback can be any address, but it must match the address in the IP Host table. This allows you to create reverse telnet sessions to the routers and switches.
To open the reverse telnet sessions upon opening a connection to the AS, type the entire name of the device and press the enter key twice. A connection to that device will now be visible, as shown here:
Trying R1 (, 2001)... Open
To get back to the access server, use the key combination followed by pressing the "x" key. Keep doing this until you've opened a connection to every router and switch in your pod.
Once you've opened the lines, you will not use the full device name to connect to the home lab devices. You should press only the number corresponding to the reverse telnet session you opened. For instance, in this configuration I opened telnet session 1 to R1, session 2 to R2, and session 3 to R3. Once I opened those sessions, I just use those numbers to reconnect to the devices, as shown here:
[Resuming connection 1 to r1 ... ]
[Resuming connection 2 to r2 ... ]
[Resuming connection 3 to r3 ... ]
If you type the full hostname again after initially opening the connection, you will see this message:
Trying R1 (, 2001)...
% Connection refused by remote host
The connection is refused because you already have an open connection to that router.
There's one more important part of an access server config your CCNA / CCNP home lab will need:
line 1 8
no exec
transport input all
The line numbers may differ according to your access server, but "no exec" is very important here. This will stop rogue EXEC sessions from refusing connections that it shouldn't be refusing. Without this command, you'll commonly see "connection refused by remote host" when you shouldn't be. That message is the most common error you'll see on an access server, and it's there because you already have an open connection or you left "no exec" out of your configuration. "No exec" isn't mandatory, but it will help you keep your sanity!
