Connecting to Cisco Devices for Configuration

The first step in configuring any Cisco device is to physically connect the device and the configuring computer. This connectivity can be accomplished through one of the following mechanisms:

• Console or auxiliary Physical connectivity mechanisms, also classified as out-of-band management interfaces, consist of a console cable that connects the console port on the Cisco device to the COM port on the computer. The console connection method is typically used when the device is physically nearby.

• Telnet, SSH, File Transfer Protocol (FTP), Trivial File Transfer Protocol (TFTP), or Hypertext Transfer Protocol (HTTP) IP-based remote connectivity mechanisms, also classified as in-band management methods, consist of connecting to the Cisco device, from a computer, through the network connection. However, the devices should be configured and connected to the network to allow the computer to communicate with the devices. For remote access to the device, a Telnet (or SSH) connection is typically used.

Note

In-band Versus Out-of-band: Out-of-band signaling involves using control signals to access a path outside the one used by the data signal. For example, console ports use a separate cable from the Cisco device to the configuring computer's serial port. This port does not carry LAN/WAN traffic that flows through the router. In-band signaling uses the same path for data and control signals. For example, when a computer establishes a Telnet session with the router for configuration, the Telnet traffic is part of the LAN/WAN traffic that flows through the router.

Local Connection Using a Console Interface

The console connection consists of the following items:

• A computer terminal.

• A console cable that connects the serial port (also known as the COM port) of the terminal to the Cisco device. This cable is an 8-wire flat ribbon cable.

• A port on the Cisco device, called the console port, that the 8-wire console cable connects to. Generally, this port is an RJ-45 port.

• A software application on the computer to control the COM port.

Some older Cisco devices that have a non-RJ-45 port require the use of a connector (also called an adapter or converter). Likewise, newer laptops do not have COM ports. You should use a USB to serial port adapter to connect the laptop to the console cable.

At the terminal end, the console cable goes into the serial port adapter (DB9 to RJ-45 adapter), which in turn connects to the serial port. Figure 1-1 depicts console cable details.

Note

For more information on cabling for console ports, refer to the article "Cabling Guide for Console and AUX Ports," which you can find at the following URL:

http://www.cisco.com/en/US/products/hw/routers/ps332/products_tech_note09186a0080094ce6.shtml

The connection through the console port, Telnet, or SSH provides a text-based interface called the command-line interface (CLI) for configuring the device. This CLI can be used to view device statistics and parameters. To use a PC or laptop computer as a terminal, it should be loaded with terminal emulation software for serial communication. The configuration settings on the software should correspond to those on the Cisco device. Table 1-1 shows the default console settings for most Cisco devices.

To use the COM port on your computer, you need a software application. Such software application tools are also referred to as terminal emulation software. Although the choice of the terminal emulation software depends on the operating system and your preference, Table 1-2 lists the more popular terminal emulation software packages.

Using Windows-Based Console Tools

HyperTerminal, by Hilgraeve Inc.(http://www.hilgraeve.com), as shown in Figure 1-2, comes preinstalled with Windows 95/98/Me/2000/XP. HyperTerminal is the terminal emulation software most commonly used for console connections.

Figure 1-2. HyperTerminal Software

Assume that COM1 of the Windows-based PC is connected to the console port of the device. To configure the PC for a Cisco console connection, follow these steps:

Step 1.	Start the HyperTerminal application in Windows.
Step 2.	Choose File > Properties > Configure and enter the settings shown in Figure 1-3. Figure 1-3. HyperTerminal Configuration Settings
Step 3.	Click the OK button to save the settings.
Step 4.	Press Enter to start communication with the device. Figure 1-4 shows the console output from a Cisco router through HyperTerminal. Figure 1-4. HyperTerminal Console Session

It is common networking practice to document the configuration process or record the output of a command. The copy-and-paste method is a quick and easy way to accomplish this. However, this method can be cumbersome for copying a large quantity of data. Hyper-Terminal has a built-in feature, called Capture Text, that allows you to save the entire session directly to a text file. The following steps are involved in using Capture Text:

Step 1.	To begin capturing the text, choose Transfer > Capture Text, as illustrated in Figure 1-5. Figure 1-5. Capturing Text Through HyperTerminal
Step 2.	A prompt appears, asking for the location of the new file to be saved. Enter the name of the file and click the Start button to begin the capture, as shown in Figure 1-6. Figure 1-6. Saving Captured Text
Step 3.	To end the process, choose Transfer > Capture Text > Stop, as shown in Figure 1-7. Figure 1-7. Stopping the Capture
Step 4.	All the data can now be viewed by opening the file (which is found at c:\capture.txt in the preceding example).

Caution

Securing a Console Connection: In addition to enforcing physical security, always secure the console and AUX port by using nondictionary and difficult-to-guess passwords. Also, use the exec-timeout command for automatic termination of inactive console connections.

Using Linux-Based Console Tools

The Linux community is more inclined to use CLI-based tools. For a new Linux user, the CLI can be challenging. Fortunately, Linux features both CLI- and GUI-based tools for terminal emulation. This section features the following Linux-based terminal emulation tools:

• Minicom A command-line interface (CLI) based tool that offers customizable macros for task automation

• cu A CLI-based tool that has simplicity and a small footprint, which make it an ideal tool for a network administrator's tool kit

• GtkTerm Offers a graphical user interface (GUI) that allows customizable macros for task automation

Minicom for Console Connections

Minicom is often called HyperTerminal for Linux. Although Minicom is CLI-based, its ease of use and flexibility make it popular open source terminal emulation software. Minicom is included with most Linux distributions; it can also be downloaded from the following website:

http://freshmeat.net/redir/minicom/6437/url_homepage/minicom

The configuration steps for Minicom are as follows:

Step 1.	Log in to the Linux computer with root privileges. Open a command-line session and enter minicom s to display the screen shown in Figure 1-8. Figure 1-8. Minicom Configuration Screen
Step 2.	Select the Serial port setup option and press A to change the serial device settings. This example assumes that you would use COM1 to connect the console cable; hence /dev/ttyS0 is selected. To use COM2, select /dev/ttyS1. Note the uppercase S. This example chooses COM1 as the serial port. You should also change the Bps setting to 9600 8N1 (option E). Figure 1-9 shows the final settings for the Serial port setup screen. Figure 1-9. Minicom Serial Port Setup
Step 3.	Press Enter to return to the configuration screen. Select Save setup as, and when prompted with Give name to save this configuration? enter the name of your choice (such as ciscoconsole); then press Enter.
Step 4.	Exit the program by selecting the Exit from Minicom option.
Step 5.	Connect the Cisco device to COM1 of the Linux computer using the console cable. Open a command-line session and enter minicom o ciscoconsole at the command line; then press Enter twice. This starts the console session with the Cisco device, as demonstrated in Example 1-1.

Example 1-1. Console Session Through Minicom

 Welcome to minicom 2.1 OPTIONS: History Buffer, F-key Macros, Search History Buffer, I18n Compiled on May 18 2003, 22:13:42. Press CTRL-A Z for help on special keys Router>show ?   backup         Backup status   cca            CCA information   cdapi          CDAPI information   cef            Cisco Express Forwarding   class-map      Show QoS Class Map   clock          Display the system clock   compress       Show compression statistics   controllers    Interface controller status   crypto         Encryption module --More-- 

To begin capturing data, press Ctrl-a and then press l. The system prompts you for the destination file. Then press Enter to choose the default filename of minicom.cap.

To end the capture, press Ctrl-a, l again. To exit the program, press Ctrl-a, q.

Note

 minicom: cannot open /dev/ttySO: Permission denied 

This error message in Minicom indicates that the user has insufficient permission. While the user is logged in as root, issuing the following command gives the required permission:

        chmod 666 /dev/ttyS0 

The same solution applies to a Permission denied or Line in use error message while using the cu tool, which is discussed in next section.

Using cu for Console Connections

Another serial communication software tool for Linux is cu, which is part of the UUCP (UNIX-to-UNIX Copy Program).

To connect to the Cisco device through the console connection, open a terminal session on the Linux PC and enter the following command:

   cu -l /dev/ttyS0 -s 9600 

To exit, enter ~. (a tilde followed by a period).

Example 1-2 shows the console session using cu on the Linux computer with the console cable connected to COM1.

Example 1-2. Console Session Through cu

 anand@linuxbox:~$ cu -l /dev/ttyS0 -s 9600 Connected. Router>show ip interface brief Interface                 IP-Address     OK? Method Status                Protocol BRI0                       unassigned     YES NVRAM  administratively  down down BRI0:1                     unassigned     YES unset  administratively  down down BRI0:2                     unassigned     YES unset  administratively  down down Ethernet0                  unassigned     YES NVRAM  administratively  down down Serial0                    unassigned     YES NVRAM  administratively  down down Router> Router>~. Disconnected. anand@linuxbox:~$ 

Using GtkTerm for Serial Communications

GtkTerm is another Linux-based serial communication software tool that has a GUI similar to HyperTerminal. The steps for using GtkTerm are as follows:

Step 1.	To start the software from the command line, enter gtkterm.
Step 2.	Press Ctrl-S to invoke the configuration window, as shown in Figure 1-10. Select the settings shown in Table 1-3. Note that the port setting of /dev /ttyS0 is chosen assuming that the console is connected to COM1 of the computer. Figure 1-10. GtkTerm Configuration Screen Table 1-3. GtkTerm Settings Port Speed Parity Bits Stopbits Flow Control /dev/ttyS0 9600 None 8 1 None
Step 3.	Click the OK button to save the configuration and begin the connection.
Step 4.	To save the configuration for future use, choose Configuration > Save Configuration.
Step 5.	In the Save Configuration window, enter a name for the configuration and click the OK button.
Step 6.	To start GtkTerm with the preconfigured setting, use the following CLI command: gtkterm --config configname

Remote Connection Using Telnet

Telnet, a TCP-based protocol using port 23, is most commonly used for remote connectivity. While console connection provides a simple way to configure the device, it has one major limitation the length of the console cable. The Telnet protocol overcomes this limitation with its quick and easy functionality, allowing remote logins to the device for viewing or changing configurations. You can initiate a Telnet session from the MS-Windows, Linux, Cisco CatOS, or IOS command shells. To connect to a remote device through the network, enter the following command at the command prompt:

   telnet ip-address-of-the-remote-device 

Tip

If a remote host you are trying to Telnet to is unreachable, your Telnet session will hang until the timeout value is reached. To save time, check the network connection to the target before initiating a Telnet connection. You can use the ping utility to do this.

You can also use the host name instead of the IP address to Telnet or ping to the remote host, provided that the host is listed under the DNS.

Most Cisco devices are not Telnet ready with the out-of-the-box default configuration. Each hardware platform has different command and configuration parameters for enabling the built-in Telnet daemon. Refer to the Cisco documentation CD-ROM (also known as the UniverCD) that is shipped with every Cisco product. You can also refer to the Cisco documentation website (http://www.cisco.com/univercd/home/home.htm), which provides information similar to that found on the UniverCD.

Tip

Cisco IOS has a built-in Telnet client, too. To connect to a different device from the IOS CLI, enter telnet ip-address or simply type the IP address without the word telnet.

In the scenario shown in Figure 1-11, the network administrator is trying to access a remote router with IP address 192.168.100.1 from her laptop with IP address 10.1.1.26.

The network administrator opens a command-line session on the Linux laptop and enters telnet 192.168.100.1 to connect to the remote router with IP address 192.168.100.1.

To end the Telnet session, the network administrator uses the exit command.

Example 1-3 shows the output of the Telnet session. Note the output in the fourth line. In this case, pressing ^] (pressing the Ctrl and ] keys together) can help the user temporarily leave the current session without disconnecting.

Example 1-3. Telnet Session

 netadmin@linuxbox:~$ telnet 192.168.100.1 Trying 192.168.100.1... Connected to 192.168.100.1. Escape character is '^]'.                 User Access Verification Password: Router>exit Logoff Connection closed by foreign host. 

Tip

Linux users can log Telnet sessions by using the tee command with the pipe options, as follows:

      telnet host-ip-address 2>&1 | tee text-file 

For example:

      telnet 192.168.10.10 2>&1 | tee routerlog.txt 

MS-Windows users can use the set logfile filename option within the Telnet utility, as follows:

      c:\windows\system32>telnet      Welcome to Microsoft Telnet Client      Escape Character is 'CTRL+]'      Microsoft Telnet> set logfile routerlog.txt      Log file : routerlog.txt      Client logging on      Microsoft Telnet> open 192.168.10.10      Connecting To 192.168.10.10... 

After the Telnet session is over, you can read the text file (routerlog.txt, in this example) using any text editor.

The following software allows you to use a GUI-based Telnet client in MS-Windows:

• HyperTerminal Private Edition (HTPE)

• TeraTerm

• PuTTY

Linux does not offer a good GUI client for Telnet. This section discusses HyperTerminal Private Edition (HTPE). The HTPE (http://www.hilgraeve.com) is a freely available software tool that has more functionality than the one preinstalled with Windows 9X/Me/XP/2000. HTPE features a built-in Telnet client that facilitates remote logins to network devices. This feature simplifies device configuration because the network administrator can access multiple devices through the same window. HTPE also provides the network administrator with advanced tools, such as file capture and macros (as discussed later in this chapter in the "Windows-Based Macro Tools" and "Linux-Based Macro Tools" sections).

To use HTPE to establish a Telnet session, follow these steps:

Automating Tasks Using Macros

The routine tasks performed by Netadmins often consist of similar steps and commands. Netadmins can save time by automating such repetitive tasks. Consider a typical case of a network administrator trying to change enable passwords on all the remote routers for security reasons. The steps involved are similar for all the routers, as shown in Example 1-4. In this example, the enable password for the router was changed from password1 to longpassword.

Example 1-4. Telnet Session

 C:\WINNT>telnet 192.168.100.1 User Access Verification Password: Router>enable Password: Router#config terminal                                       Enter configuration commands, one per line. End with CNTL/Z. Router(config)#enable password longpassword                  Router(config)#exit                                                                                                                                           Router# copy running-config startup-config                    Building configuration...                                    [OK]                                                         Router#exit                                                  Connection to host lost. C:\WINNT> 

Except for the first part of the Telnet connection and authentication, the remaining steps (as highlighted) would be the same for all remote routers. These identical configuration steps can be automated using a script or a macro tool.

Windows-Based Macro Tool

HyperTerminal Private Edition has a powerful, easy-to-use scripting feature called macro. This feature can help the network administrator automate repetitive tasks. The process of creating a macro in HTPE is simple and does not require knowledge of a scripting language or syntax. It allows the creation of multiple macros, which can be invoked by pressing different key combinations.

To configure HTPE and define a new macro, perform the following steps:

Step 1.	Start the HTPE program, by selecting Start > Programs > HyperTerminal Private Edition > HyperTerminal Private Edition.
Step 2.	Choose View > Key Macros, as shown in Figure 1-13. Figure 1-13. HyperTerminal Macro Configuration
Step 3.	In the Keys window, click the New button to define a new key macro, as shown in Figure 1-14. Figure 1-14. HyperTerminal: Defining a New Macro
Step 4.	In the Key window, define a key combination that, when pressed, would invoke this macro. Figure 1-14 shows the key combination Ctrl-Q (Ctrl key and the Q key). In the Action window, enter all the IOS commands in the desired sequence. Click the OK button to save the macro. Note In the Action window of Figure 1-14, notice how each router IOS command is separated by the term <ENTER>. To insert keyboard commands such as Enter (a carriage return) or special keys such as Tab, press Insert followed by the desired function key on the keyboard. For example, to indicate a carriage return, press Insert-Enter.
Step 5.	After logging in to the enable mode of each remote router (using the Telnet feature of HTPE as described in preceding sections), the entire process (highlighted in Example 1-4) can be achieved by pressing Ctrl-Q, as demonstrated in Figure 1-15. Figure 1-15. HyperTerminal: Using the Macro

Linux-Based Macro Tools

Linux-based terminal emulation tools provide macro functionality, too. However, the configuration steps for Minicom and GtkTerm are different than those for the Windows operating systems.

Macros in Minicom

Linux-based Minicom also provides macro functionality. However, Minicom is limited to ten macros; these macros are invoked by pressing the function (F1 F10) keys.

To configure a macro, perform the following steps:

Step 1.	Start Minicom with root privileges at the command shell by entering minicom s and choosing the Screen and keyboard option.
Step 2.	Press M to edit macros. In the Macros window, press 1 to configure the first macro, which can be invoked by pressing F1. Likewise, you can press A to configure the macro for F10, or press 2 through 9 for F2 through F9, respectively. Configure the selected macro by entering the sequence of commands for the desired function key. For example, in Figure 1-16, a password-changing macro is defined for F1. Notice how each command is separated by the carriage return, which is represented as ^M (Shift-6 followed by M). Figure 1-16. Minicom: Configuring Macros
Step 3.	Press Enter three times to save and exit to the configuration screen. Press Esc to exit and return to the router prompt.
Step 4.	While in the enable mode of the IOS, invoke this macro by pressing F1.

Macros in GtkTerm

GtkTerm also provides easily configurable macros. To create a GtkTerm macro based on Example 1-4, follow these steps:

Step 1.	In the GtkTerm window, select Configuration > Macros, as shown in Figure 1-17. Figure 1-17. GtkTerm: Configuring Macros
Step 2.	In the Configure Macros window, click the Add button to create a blank macro.
Step 3.	Select the new macro and click the Capture Shortcut button. Press the preferred key combination to create the shortcut. Figure 1-18 shows Ctrl-Q (the Control and the Q key together). Figure 1-18. GtkTerm: Adding Commands in Macro
Step 4.	Click in the Action window and enter the list of commands, with each command separated by \n (backslash key followed by n key). GtkTerm uses the \n key combination to define a carriage return.
Step 5.	Click the OK button to save and exit the Configure Macro window.
Step 6.	To invoke the macro, press Ctrl-Q.

Warning

Exercise caution when choosing the shortcut key combination for invoking macros. Both MS-Windows and Linux have predefined shortcut keys such as Ctrl-V or Alt-F2. Using one of the predefined shortcut keys can create unwanted results or misconfigurations.