Reverse Telnet

When a user telnets to a router, she is "logged on" directly to the router. Cisco adds a special twist: if you telnet to a special port on the router, the router redirects the incoming telnet connection back out a selected asynchronous line, rather than internally accepting the incoming connection. This is called reverse telnet . Here are two telnet commands you might give on your Unix or Windows workstation:

% telnet router1  Telnet directly into router1 
% telnet router1 2001  Telnet to port 2001 on router1 

The first telnet command connects to the standard telnet port (TCP port 23; remember that we're now talking about TCP ports, not the router's physical ports) and initiates a virtual terminal session with the router. The second command is tricky. It connects to TCP port 2001; the router maps this port to one of its asynchronous lines. The router performs any login requirements, then connects the telnet session to the mapped line. The mapping is simple: just subtract 2000 from the port used for the telnet connection. So in this example, the user would be connected to asynchronous line 1 (tty1). Line 2 (tty2) would be 2002, and so on. If a modem is connected to tty1, the user would be talking directly to the modem.

The only catch to this mapping is the AUX port. The number of the AUX port is the last TTY port, plus 1. So, on a router with 18 TTY ports, the AUX port would be port 2019 (the last TTY, port 2018, plus 1). On a router with no TTY interfaces, the AUX port would be port 2001.

In addition to port 2000, ports 4000 and 6000 can be used. Port 4000 plus the tty1 gives you a raw TCP port, which is usually for sending data directly to a printer. On port 2000, each carriage return is translated into a carriage return plus a linefeed. Port 6000 is just like port 2000, except it turns off the carriage-return translation.

Reverse telnet requires that the TTY line be configured to allow outbound connections. Here's how you do this:

Router(config)#line tty2
Router(config-line)#modem inout

The modem inout command allows both incoming and outgoing connections. Another way to configure the line is:

Router(config)#line tty2
Router(config-line)#modem callout

The modem callout command allows only outgoing connections.

Another useful command for reverse telnet is ip alias. This command lets you assign an IP address to a reverse telnet connection. In other words, the router associates an IP address with a reverse telnet port. If you telnet to this address, the router will connect you directly to the specified port. For example, assume that a router has an Ethernet interface with an address of The following commands configure it to route incoming telnet connections for the addresses,, and to asynchronous ports 1 through 3:

interface ethernet0
 ip address
 no shutdown
! Now configure our reverse telnet IP address
ip alias 2001
ip alias 2002
ip alias 2003

Now, when you telnet to, you will be connected to the device that is connected to port 1.

Getting Started

IOS Images and Configuration Files

Basic Router Configuration

Line Commands

Interface Commands

Networking Technologies

Access Lists

IP Routing Topics

Interior Routing Protocols

Border Gateway Protocol

Quality of Service

Dial-on-Demand Routing

Specialized Networking Topics

Switches and VLANs

Router Security

Troubleshooting and Logging

Quick Reference

Appendix A Network Basics


Cisco IOS in a Nutshell
Cisco IOS in a Nutshell (In a Nutshell (OReilly))
ISBN: 0596008694
EAN: 2147483647
Year: 2006
Pages: 1031
Authors: James Boney © 2008-2020.
If you may any questions please contact us: