
How to set up Reverse Telnet

A detailed procedure for setting up reverse Telnet.

In many organizations, you'll have a centralized staff in a hub, and a lot of remote offices with no staff. In order to support the network hardware in these locations, some sort of connectivity is required. For most administrator needs, simple in-band Telnet or SSH will suffice. In other instances, where perhaps a fault or misconfiguration has disrupted normal connectivity to the satellite location, an out-of-band connection is required.

The simplest of these is a cheap modem and telephone line, which you can plug into the console port on the remote location's router. This remote console connection is also really handy for doing administrative tasks like rebooting the box while you're uploading new software, or troubleshooting bootup problems.

Naturally, if you have two devices, like a backup router, or a router and a switch, you could get a second phone line and a second modem. However, a much simpler option on some Cisco routers is to connect a console cable from the "AUX" port on the device attached to the modem, to the CON or AUX port on the second device. Then you can dial in through the modem to your first device, and reverse Telnet through the console cable to get a session on the second device.

To do this, you need to configure the first router's AUX port to communicate. This is done with the following commands:

config term
line aux 0
modem inout
transport input all

You may want to change the speed, but you don't have to. If you do, you need to change it on both routers. Also, if you connect to the AUX port on the second router, you'll want to make sure you can log in, because by default you can log into the CON port, but not the AUX port. At a minimum, you'll want the following commands:

config term
enable password <myenablepassword>
line aux 0
password <mypassword>

Finally, to set up the reverse Telnet, make sure you have a loopback address configured. We'll use for this example. Then use the host command to make it easy.

config term
interface loopback0
ip address
ip host router2 2065

Now, from router1, you can just type "router2" to initiate the reverse Telnet. Use the "ctrl-shift-6, x" sequence to break out of your session, back to router1.

Also, the number 2065 in my example above can vary by router model. Type "show line" on your router to see which line AUX is assigned (in the case of a 2600 router, it's line 65), then add 2000 to it.
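An added example, not part of the original article: a Python audit that derives the reverse Telnet TCP port with the "2000 + line number" rule above and flags an AUX line that accepts inbound Telnet with no `access-class ... in` restriction. The sample `show line` output, the config excerpt, the function names, and the policy of requiring an access-class are assumptions of this example.

```python
import re

# Constructed sample input (not from the article): abbreviated "show line"
# output and a running-config excerpt for a router whose AUX port is line 65.
SHOW_LINE = """\
   Tty Typ     Tx/Rx    A Modem  Roty AccO AccI   Uses   Noise  Overruns   Int
*    0 CTY              -    -      -    -    -      0       0     0/0       -
    65 AUX   9600/9600  - inout     -    -    -      0       0     0/0       -
    66 VTY              -    -      -    -    -      0       0     0/0       -
"""
RUNNING_CONFIG = """\
line con 0
line aux 0
 modem inout
 transport input all
"""

def reverse_telnet_ports(show_line):
    """Map line type (CTY/AUX/TTY) to TCP ports using 2000 + line number."""
    ports = {}
    for m in re.finditer(r"^[* ]*(\d+)\s+(CTY|AUX|TTY)\b", show_line, re.M):
        ports.setdefault(m.group(2), []).append(2000 + int(m.group(1)))
    return ports

def line_blocks(config):
    """Split a running-config into {'aux 0': [subcommands], ...}."""
    blocks, current = {}, None
    for raw in config.splitlines():
        if raw.startswith("line "):
            current = blocks.setdefault(raw[5:].strip(), [])
        elif raw.startswith(" ") and current is not None:
            current.append(raw.strip())
        else:
            current = None  # left the line block
    return blocks

def audit_aux(show_line, config):
    """Return findings for an AUX line that accepts inbound Telnet."""
    cmds = line_blocks(config).get("aux 0", [])
    findings = []
    if any(c.startswith("transport input ")
           and {"all", "telnet"} & set(c.split()[2:]) for c in cmds):
        port = reverse_telnet_ports(show_line).get("AUX", [None])[0]
        findings.append(f"aux 0 accepts inbound Telnet on TCP {port}")
        if not any(c.startswith("access-class ") and c.endswith(" in") for c in cmds):
            findings.append("no 'access-class ... in' on aux 0")
    return findings

print(audit_aux(SHOW_LINE, RUNNING_CONFIG))
```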

Tom Lancaster, CCIE# 8829 CNX# 1105, is a consultant with 15 years' experience in the networking industry, and co-author of several books on networking, most recently, CCSP™: Secure PIX and Secure VPN Study Guide, published by Sybex.

This was last published in June 2004
