Home > Articles > Cisco Certification > CCNA Routing and Switching > CCNA Practical Studies: Gaining Access to Routers and Switches

CCNA Practical Studies: Gaining Access to Routers and Switches

  • Sample Chapter is provided courtesy of Cisco Press.
  • Date: Jul 12, 2002.

Chapter Description

Learn how to access a router and switch through a direct console connection, over the LAN via Telnet, and finally through a terminal server.

From the Book

CCNA Practical Studies

CCNA Practical Studies


Configuring the Terminal Server

This section demonstrates how to configure a terminal server to provide access to the rest of the routers in the lab. Once configured, you will be able access each lab router's console port through reverse Telnet.

Lab Objective

In this chapter, you will accomplish the following lab objective:

Configure the Cisco 2511 router to be the terminal server for this lab. The terminal server is connected to each device's console port. Port assignments are as follows:

  • R1—2001
  • R2—2002
  • R3—2003
  • R4—2004
  • R5—2005
  • R6—2006
  • Catalyst Switch—2007

After completing this objective, you will learn how to maneuver from the terminal server to each individual lab router and then back to the terminal server.

Terminal Server Overview

A terminal server provides out-of-band access for several devices. Out-of-band access is through a router's console or aux port versus in-band access that occurs over the network using telnet. Generally, a terminal server is a router with multiple, asynchronous ports that are connected to other devices, such as the console port of other routers or switches, as shown previously in Figure 4-8. To get a better idea of what the ports look like on the back of a terminal server, see Figure 4-12, which shows the back of a Cisco 2511.

Figure 4-12Figure 4-12 A Cisco 2511 to Be Configured as the Lab Terminal Server


The Cisco 2511 series router uses a 68-pin connector and breakout cable (see Figure 4-13).

Figure 4-13Figure 4-13 CAB-OCTAL-ASYNC Cable

This cable is referred to as a CAB-OCTAL-ASYNC cable or just OCTAL cable. It provides eight RJ-45 rolled cable asynchronous (async) ports on each 68-pin connector. The 68-pin connector is attached to Interface Async 1 of the terminal server. Each RJ-45 rolled cable is connected to the console port of each router in the lab. For configuration purposes, each rolled cable is referred to as an asynchronous line in the configuration. Each line is numbered beginning with 2001 to 2008. So, R1 is attached to async 2001, R2 is connected to 2002, and so on up to 2007, which is connected to the Catalyst 1900 switch, leaving 2008 unused. See Figure 4-14 for an example.

Figure 4-14Figure 4-14 Terminal Server Connectivity to Lab Routers


The async ports from the 68-pin connector are data terminal equipment (DTE) devices. DTE-to-DTE connections require a rolled (null modem) cable. DTE-to-DCE devices require a straight-through cable. Because the Octal cable is rolled, you can connect each cable directly to the RJ-45 console port of each lab router. However, some routers have console ports that are 25-pin interfaces instead of RJ-45. If so, remember that the 25-pin interface is a DCE, and you must use the RJ-45-to-25 pin adapter marked "modem" to reverse the roll and complete the connection.

The major benefit of a terminal server is that it allows you a single point from which to access the console ports of many devices. This is helpful initially in the lab because the lab routers will not have any configuration settings such as IP addresses or Telnet parameters. Without the terminal server, you would have the tedious process of manually switching between each router's console port to gain access. A second benefit is that a terminal server can provide fault tolerance in case the routers become inaccessible because of a network failure. This is because you can configure a modem on the auxiliary or asynchronous port of the terminal server, allowing dialup connectivity to the terminal server and thus to each router that the terminal server is connected to.

In the lab, the terminal server will be the single point from which you may access all other lab routers through reverse telnet.

Reverse Telnet

Most Telnet connections are considered forward connections, or connections accepted into a line or interface. Reverse Telnet means that the Telnet session is initiated out of the line (like an asynchronous line) instead of accepting a connection into the line. Thus, reverse Telnet allows you to Telnet out from a device that you are Telnetting to, but on a different interface, such as an asynchronous port. For example, the terminal server has a LAN (Ethernet) IP address of If you want to connect to R1 on asynchronous line 2001, you would issue the following command from the terminal server:

Termserver#telnet 2001

Essentially, you are telling the router to connect to its own Ethernet 0 IP address of via Telnet but to initiate the connection out line 2001. This will be a fundamental part of the lab exercises, so let's demonstrate how this is done.

In the lab, you will do reverse Telnet using an IP address assigned to a loopback interface. Loopback addresses are preferred because they are virtual and thus always available. For reverse Telnet to work, the interface that is used must be up and the line protocol must be up. Because of this, using a loopback interface is advantageous because it never goes down, as opposed to an Ethernet interface, which might go down and prevent reverse Telnet from working.

Terminal Server Configuration

Now that you have an understanding of how the terminal server is physically connected and how reverse Telnet functions, it's time to examine how to configure the terminal server.

The steps to configure the terminal server are as follows:

Step 1 Create a loopback interface.
Step 2 Assign an IP address to the loopback interface.
Step 3 Allow Telnet as a transport across asynchronous lines 1 to 16.
Step 4 Create a host table that maps a router's host name (such as R1, R2, and so on) to the asynchronous line it is connected to on the terminal server (such as 2001, 2002, and so on).

Steps 1 and 2: Creating a Loopback Interface and Assigning an IP Address

Begin by creating the loopback interface from global configuration mode. Going into interface configuration mode for the loopback 0 interface creates the loopback interface and brings up the interface, as highlighted in Example 4-11. You can assign the interface any number in the range of 0 to 2147483647. Use loopback 0 and assign it an IP address of with a mask of, as shown in Example 4-10.

Example 4-10 Creating loopback 0 and Assigning It an IP Address

Termserver(config)#interface loopback0
%LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback0, changed state to up
%LINK-3-UPDOWN: Interface Loopback0, changed state to up

Termserver(config-if)#ip address

Exit interface configuration mode by doing a CTRL-Z and do a show running-config to show how this interface now appears in the output in Example 4-11.

Example 4-11 loopback0 Interface as It Appears in Running-Config After Creation

Termserver#show running-config

Current configuration:
version 11.2
service password-encryption
no service udp-small-servers
no service tcp-small-servers
hostname Termserver
enable password 7 0200055708090132
interface Loopback0
 ip address

You can also do a show interface loopback0 to verify that the loopback interface is up and has the correct IP address, as in Example 4-12.

Example 4-12 show interface loopback0 Command Output Verifies Interface Status and IP Address

Termserver#show interface loopback0
Loopback0 is up, line protocol is up
 Hardware is Loopback
 Internet address is
 MTU 1514 bytes, BW 8000000 Kbit, DLY 5000 usec, rely 255/255, load 1/255
 Encapsulation LOOPBACK, loopback not set, keepalive set (10 sec)
 Last input never, output never, output hang never
 Last clearing of "show interface" counters never
 Queueing strategy: fifo
 Output queue 0/0, 0 drops; input queue 0/75, 0 drops
 5 minute input rate 0 bits/sec, 0 packets/sec
 5 minute output rate 0 bits/sec, 0 packets/sec
   0 packets input, 0 bytes, 0 no buffer
   Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
   0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
   0 packets output, 0 bytes, 0 underruns
   0 output errors, 0 collisions, 0 interface resets
   0 output buffer failures, 0 output buffers swapped out

Step 3: Allowing Telnet as a Transport Across Asynchronous Lines 1 to 16

Now that the loopback 0 interface is created, you need to ensure that the asynchronous lines allow Telnet to traverse the lines.

This is done using the transport input x command, where x is the protocol that you want to allow, such as Telnet. The command allows the granularity of permitting only certain protocols to cross the asynchronous lines. The allowed protocols are shown using context-sensitive help, as demonstrated in Example 4-13.

Example 4-13 Available Protocols Configurable for Transport Across the Asynchronous Lines

Termserver(config)#line 1 16 
Termserver(config-line)#transport input ?
 all   All protocols
 lat   DEC LAT protocol
 mop   DEC MOP Remote Console Protocol
 nasi  NASI protocol
 none  No protocols
 pad   X.3 PAD
 rlogin Unix rlogin protocol
 telnet TCP/IP Telnet protocol
 v120  Async over ISDN

Termserver(config-line)#transport input

In the lab, you will do a transport input telnet to allow Telnet to cross the lines.

Enter line configuration mode for asynchronous lines 1 through 16. To do this, type line 1 16 from privileged EXEC mode.


In the lab, you are really concerned with only Lines 1 to 7 (2001 to 2007) because they are the only asynchronous lines that have routers connected to them. However, because a Cisco 2511 has two asynchronous interfaces, 16 lines total are available (8 per asynchronous interface) for configuration.

Upon entering line configuration mode, allow all protocols to be transported across the lines, as shown in Example 4-15.

Example 4-14 Allow All Protocols to Cross the Asynchronous Lines

Termserver(config)#line 1 16
Termserver(config-line)#transport input telnet 

Step 4: Creating a Host Table That Maps a Router's Host Name to the Asynchronous Line to Which It Is Connected on the Terminal Server

At this point, the terminal server is configured and should be functional; however, as a timesaver, you will create a host table that maps the router name to the loopback 0 interface and then specify the asynchronous port out which to initiate the reverse Telnet session. This is done using the ip host command. The ip host command is a static DNS entry used by the router. The router will translate "R1" to port 2001. When this host table is completed, you will access each router by typing the host name of the router. For example, typing R1 initiates a reverse Telnet session out asynchronous line 1 (2001). Create the table from global configuration mode as shown in Example 4-15.

Example 4-15 Creating IP Host Table for Reverse Telnet

Termserver#config t
Enter configuration commands, one per line. End with CNTL/Z.

Termserver(config)#ip host r1 2001
Termserver(config)#ip host r2 2002
Termserver(config)#ip host r3 2003
Termserver(config)#ip host r4 2004
Termserver(config)#ip host r5 2005
Termserver(config)#ip host r6 2006
Termserver(config)#ip host cat19 2007 

Saving and Testing the Terminal Server Configuration

Exit back to global configuration mode by doing a CTRL-Z and then save the configuration. Next, test reverse Telnet functionality by typing r1 from user EXEC or privileged EXEC mode, as shown in Example 4-16.

Example 4-16 Successful Reverse Telnet to R1

Termserver#copy running startup
Building configuration...
Trying r1 (, 2001)... Open Hit enter key


You can see from Example 4-16 that the terminal server initiates a connection to R1. It does this by connecting to its own loopback 0 address of (via Telnet) and then redirecting the connection out asynchronous port 2001. Because the Telnet connection is "redirected," it is referred to a reverse Telnet connection. Next, hit the Enter key to get the Router> prompt. R1's console port is connected to asynchronous line 1 (port 2001) of the terminal server. By hitting the Enter key, you are placed into R1's user EXEC mode. At this point, give the router a host name of R1 to avoid confusion about which router you are connected to. Change the host name to R1, and save the changes, as shown in Example 4-17.

Example 4-17 Hostname Changed from Router to R1

Router#conf t
Enter configuration commands, one per line. End with CNTL/Z.

Router(config)#hostname R1
R1#copy running startup
Building configuration...

To get back to the terminal server, type Ctrl-Shift-6, x from R1, as in Example 4-18.

Example 4-18 Return to the Terminal Server via the Escape Sequence

R1#Ctrl-Shift-6, x

Upon doing the escape sequence (Ctrl-Shift-6, x), notice that you have been returned to the terminal server, as shown by the change from the R1# prompt to the Termserver# prompt in Example 4-18.

Connecting, Disconnecting, and Verifying Reverse Telnet Sessions

From the terminal server, you can view active reverse Telnet connections by doing show sessions, as in Example 4-19.

Example 4-19 Established Sessions on the Terminal Server

Termserver#show sessions

Conn Host        Address       Byte Idle Conn Name
* 1 r1     0   3 R1


When a reverse Telnet session is established, the session is given a connection number. The asterisk preceding the connection number indicates that the session is active, as highlighted in Example 4-19.

To return to an active session, you can simply enter the connection number. Upon seeing the message [Resuming connection 1 to R1 ... ], press the Enter key and you are taken to R1, as demonstrated in Example 4-20.

Example 4-20 Resuming an Active Reverse Telnet Session Using the Connection Number

[Resuming connection 1 to r1 ... ]
    Hit Enter key

Occasionally, when initiating the reverse Telnet session, the connection might be refused and you will not be able to get into a router; you will see a message as shown in Example 4-21.

Example 4-21 Reverse Telnet Session Refused by Remote Host

Trying r1 (, 2001)...
% Connection refused by remote host


When the connection is refused, you need to clear the asynchronous line and attempt the reverse Telnet again. This is done by doing a clear line 1, confirming the request by pressing Enter, and then entering r1 to reinitiate the reverse Telnet connection, as shown in Example 4-22.

Example 4-22 Clearing the Asynchronous Line 1 After a Connection Is Refused and Reinitiating the Reverse Telnet Connection

Trying r1 (, 2001)...
% Connection refused by remote host

Termserver#clear line 1
Trying r1 (, 2001)... Open



You might need to clear the line a few times before it completely clears.

You have now successfully connected to R1 through reverse Telnet.

Return to the terminal server from R1 using Ctrl-Shift-6, x. Execute a show sessions command on the terminal server to display that connection 1 is an established reverse Telnet session to R1. To disconnect a previously established reverse Telnet session, you can enter disconnect and the connection number, and then hit Enter to confirm the disconnect, as shown in Example 4-23.

Example 4-23 Disconnecting an Established Reverse Telnet Session

Termserver#show sessions 
Conn Host        Address       Byte Idle Conn Name
* 1 r1     0   0 R1

Termserver#disconnect 1
Closing connection to r1 [confirm]

Now if you do a show sessions on the terminal server, as demonstrated in Example 4-24, you can see that the reverse Telnet session to R1 was disconnected.

Example 4-24 No Active Reverse Telnet Session After Doing a Disconnect

Termserver#show sessions
% No connections open

To finish, set up a reverse Telnet connection to each of the lab devices, R1 through R6. First, you'll connect to each router by typing the router's host name, hitting Enter, and then entering the escape sequence Ctrl-Shift-6, x to get back to the terminal server to repeat the process for the next router (see Example 4-25).

Example 4-25 Setting Up a Reverse Telnet Session to Each Lab Router

Trying r1 (, 2001)... Open

Trying r2 (, 2002)... Open

Trying r3 (, 2003)... Open

Trying r4 (, 2004)... Open

Trying r5 (, 2005)... Open

Trying r6 (, 2006)... Open


Notice in Example 4-25 that the reverse Telnet session is successful because the connection shows Open and you are taken to the router prompt of each respective device. R1 is the only router with a configured host name because it is the only router that you have configured with a host name so far. Thus, the remaining routers take you to the Router> prompt.


Individual host names for the remaining routers will be configured in Chapter 6, "General Router Configurations."

Reverse Telnetting to the Catalyst 1900 Switch

Next, establish a reverse Telnet session to the Catalyst 1900 switch by entering cat1900 and pressing Enter, as shown in Example 4-26.

Example 4-26 Setting Up a Reverse Telnet Session to the Catalyst 1900 Switch

Trying cat1900 (, 2007)... Open

Catalyst 1900 Management Console
Copyright (c) Cisco Systems, Inc. 1993-1997
All rights reserved.

Ethernet address: 00-C0-1D-80-C7-5E

1 user(s) now active on Management Console.

Enter password:

Now from the terminal server, do a show sessions and notice that each reverse Telnet session has been assigned a connection number (see Example 4-27).

Example 4-27 Connections Numbers Assigned to Each Lab Device

Termserver#show sessions
Conn Host        Address       Byte Idle Conn Name
  1 r1     0   0 R1
  2 r2     0   0 r2
  3 r3     0   0 r3
  4 r4     0   0 r4
  5 r5     0   0 r5
  6 r6     0   0 r6
  7 cat1900     0   0 cat1900

From this point on, when configuring lab devices, you can access each device by simply entering the connection number associated with the device from the terminal server (that is, 1 to access R1, 2 to access R2, and so on).

Cisco Press Promotional Mailings & Special Offers

I would like to receive exclusive offers and hear about products from Cisco Press and its family of brands. I can unsubscribe at any time.


Pearson Education, Inc., 221 River Street, Hoboken, New Jersey 07030, (Pearson) presents this site to provide information about Cisco Press products and services that can be purchased through this site.

This privacy notice provides an overview of our commitment to privacy and describes how we collect, protect, use and share personal information collected through this site. Please note that other Pearson websites and online products and services have their own separate privacy policies.

Collection and Use of Information

To conduct business and deliver products and services, Pearson collects and uses personal information in several ways in connection with this site, including:

Questions and Inquiries

For inquiries and questions, we collect the inquiry or question, together with name, contact details (email address, phone number and mailing address) and any other additional information voluntarily submitted to us through a Contact Us form or an email. We use this information to address the inquiry and respond to the question.

Online Store

For orders and purchases placed through our online store on this site, we collect order details, name, institution name and address (if applicable), email address, phone number, shipping and billing addresses, credit/debit card information, shipping options and any instructions. We use this information to complete transactions, fulfill orders, communicate with individuals placing orders or visiting the online store, and for related purposes.


Pearson may offer opportunities to provide feedback or participate in surveys, including surveys evaluating Pearson products, services or sites. Participation is voluntary. Pearson collects information requested in the survey questions and uses the information to evaluate, support, maintain and improve products, services or sites; develop new products and services; conduct educational research; and for other purposes specified in the survey.

Contests and Drawings

Occasionally, we may sponsor a contest or drawing. Participation is optional. Pearson collects name, contact information and other information specified on the entry form for the contest or drawing to conduct the contest or drawing. Pearson may collect additional personal information from the winners of a contest or drawing in order to award the prize and for tax reporting purposes, as required by law.


If you have elected to receive email newsletters or promotional mailings and special offers but want to unsubscribe, simply email information@ciscopress.com.

Service Announcements

On rare occasions it is necessary to send out a strictly service related announcement. For instance, if our service is temporarily suspended for maintenance we might send users an email. Generally, users may not opt-out of these communications, though they can deactivate their account information. However, these communications are not promotional in nature.

Customer Service

We communicate with users on a regular basis to provide requested services and in regard to issues relating to their account we reply via email or phone in accordance with the users' wishes when a user submits their information through our Contact Us form.

Other Collection and Use of Information

Application and System Logs

Pearson automatically collects log data to help ensure the delivery, availability and security of this site. Log data may include technical information about how a user or visitor connected to this site, such as browser type, type of computer/device, operating system, internet service provider and IP address. We use this information for support purposes and to monitor the health of the site, identify problems, improve service, detect unauthorized access and fraudulent activity, prevent and respond to security incidents and appropriately scale computing resources.

Web Analytics

Pearson may use third party web trend analytical services, including Google Analytics, to collect visitor information, such as IP addresses, browser types, referring pages, pages visited and time spent on a particular site. While these analytical services collect and report information on an anonymous basis, they may use cookies to gather web trend information. The information gathered may enable Pearson (but not the third party web trend services) to link information with application and system log data. Pearson uses this information for system administration and to identify problems, improve service, detect unauthorized access and fraudulent activity, prevent and respond to security incidents, appropriately scale computing resources and otherwise support and deliver this site and its services.

Cookies and Related Technologies

This site uses cookies and similar technologies to personalize content, measure traffic patterns, control security, track use and access of information on this site, and provide interest-based messages and advertising. Users can manage and block the use of cookies through their browser. Disabling or blocking certain cookies may limit the functionality of this site.

Do Not Track

This site currently does not respond to Do Not Track signals.


Pearson uses appropriate physical, administrative and technical security measures to protect personal information from unauthorized access, use and disclosure.


This site is not directed to children under the age of 13.


Pearson may send or direct marketing communications to users, provided that

  • Pearson will not use personal information collected or processed as a K-12 school service provider for the purpose of directed or targeted advertising.
  • Such marketing is consistent with applicable law and Pearson's legal obligations.
  • Pearson will not knowingly direct or send marketing communications to an individual who has expressed a preference not to receive marketing.
  • Where required by applicable law, express or implied consent to marketing exists and has not been withdrawn.

Pearson may provide personal information to a third party service provider on a restricted basis to provide marketing solely on behalf of Pearson or an affiliate or customer for whom Pearson is a service provider. Marketing preferences may be changed at any time.

Correcting/Updating Personal Information

If a user's personally identifiable information changes (such as your postal address or email address), we provide a way to correct or update that user's personal data provided to us. This can be done on the Account page. If a user no longer desires our service and desires to delete his or her account, please contact us at customer-service@informit.com and we will process the deletion of a user's account.


Users can always make an informed choice as to whether they should proceed with certain services offered by Cisco Press. If you choose to remove yourself from our mailing list(s) simply visit the following page and uncheck any communication you no longer want to receive: www.ciscopress.com/u.aspx.

Sale of Personal Information

Pearson does not rent or sell personal information in exchange for any payment of money.

While Pearson does not sell personal information, as defined in Nevada law, Nevada residents may email a request for no sale of their personal information to NevadaDesignatedRequest@pearson.com.

Supplemental Privacy Statement for California Residents

California residents should read our Supplemental privacy statement for California residents in conjunction with this Privacy Notice. The Supplemental privacy statement for California residents explains Pearson's commitment to comply with California law and applies to personal information of California residents collected in connection with this site and the Services.

Sharing and Disclosure

Pearson may disclose personal information, as follows:

  • As required by law.
  • With the consent of the individual (or their parent, if the individual is a minor)
  • In response to a subpoena, court order or legal process, to the extent permitted or required by law
  • To protect the security and safety of individuals, data, assets and systems, consistent with applicable law
  • In connection the sale, joint venture or other transfer of some or all of its company or assets, subject to the provisions of this Privacy Notice
  • To investigate or address actual or suspected fraud or other illegal activities
  • To exercise its legal rights, including enforcement of the Terms of Use for this site or another contract
  • To affiliated Pearson companies and other companies and organizations who perform work for Pearson and are obligated to protect the privacy of personal information consistent with this Privacy Notice
  • To a school, organization, company or government agency, where Pearson collects or processes the personal information in a school setting or on behalf of such organization, company or government agency.


This web site contains links to other sites. Please be aware that we are not responsible for the privacy practices of such other sites. We encourage our users to be aware when they leave our site and to read the privacy statements of each and every web site that collects Personal Information. This privacy statement applies solely to information collected by this web site.

Requests and Contact

Please contact us about this Privacy Notice or if you have any requests or questions relating to the privacy of your personal information.

Changes to this Privacy Notice

We may revise this Privacy Notice through an updated posting. We will identify the effective date of the revision in the posting. Often, updates are made to provide greater clarity or to comply with changes in regulatory requirements. If the updates involve material changes to the collection, protection, use or disclosure of Personal Information, Pearson will provide notice of the change through a conspicuous notice on this site or other appropriate way. Continued use of the site after the effective date of a posted revision evidences acceptance. Please contact us if you have questions or concerns about the Privacy Notice or any objection to any revisions.

Last Update: November 17, 2020