Discovered this trick and it’s definitely one for the Networking Admin cookbooks.
1. You need to make sure the router1 AUX port is configured with the following lines:
line aux 0
 exec-timeout 5 0
 modem InOut
 no exec
 transport input all
 transport output none
 stopbits 1
2. Determine the AUX line number using CLI command “show line”:
router1#show line
   Tty Typ     Tx/Rx    A Modem  Roty AccO AccI   Uses   Noise  Overruns   Int
     0 CTY              -    -      -    -    -      0       0     0/0       -
*    1 AUX   9600/9600  -  inout    -    -    -    265       0  2607/0       -
*    2 VTY              -    -      -    -   20   1147       0     0/0       -
*    3 VTY              -    -      -    -   20    727       0     0/0       -
     4 VTY              -    -      -    -   20     15       0     0/0       -
     5 VTY              -    -      -    -   20      1       0     0/0       -
     6 VTY              -    -      -    -   20      0       0     0/0       -
     7 VTY              -    -      -    -   20      0       0     0/0       -
The output above is from router 1, and it shows that the AUX port is line 1.
3. Determine the router loopback interface using “show ip int brief”:
router1#sh ip int bri
Interface              IP-Address      OK? Method Status                Protocol
GigabitEthernet0/0/0   unassigned      YES NVRAM  up                    up
Gi0/0/0.10             10.0.1.4        YES NVRAM  up                    up
GigabitEthernet0/0/1   unassigned      YES NVRAM  up                    up
Loopback0              192.168.255.152 YES NVRAM  up                    up
The loopback 0 address 192.168.255.152 will be used for the AUX console connection.
4. Use reverse telnet to connect to the neighbour device console port
The AUX to console connection is via reverse telnet; effectively you are launching telnet against the localhost on the reverse telnet port.
Therefore you need to telnet to the local device on TCP port 2000 + line number.
For ROUTER1, you need to run the following command:
router1#telnet 192.168.255.152 2001
Where 192.168.255.152 is the loopback 0 address, 2001 is TCP port 2000 + 1 (line number 1).
Once you have a connection, you need to authenticate again on router 1 (using local password or TACACS). Once authenticated, you will then be connected to the remote device console port.
The console log below gives an example of a reverse telnet connection to Router 2 from Router 01:
router1#telnet 192.168.255.152 2001
Trying 192.168.255.152, 2001 ... Open
router1
*************************************************************************
Access to this computer system is limited to authorised users only.
Unauthorised users may be subject to prosecution.
*************************************************************************
username: blah ----------> This is the re-authentication to router1
password:
Username:blah ----------> This is the console authentication to router1
Password: ********
*********************************************************************
This device is for authorise users only.
All access and use may be monitored.
Use of the system implies consent to these conditions.
*********************************************************************
Type help or ‘?’ for a list of available commands.
ROUTER2>
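In the "show line" output above the AUX line has no inbound access class (AccI is "-") while the VTY lines use 20, and step 1 sets "transport input all", so nothing on the line itself restricts which source addresses can reach the reverse telnet port from step 4. The Python sketch below is an added example, not part of the original post: it derives that port from "show line" output and flags line blocks that accept telnet without an "access-class ... in". The sample inputs are constructed and the function names are hypothetical.

```python
import re
# Constructed samples modelled on the article's output (not captured from a device).
SHOW_LINE = """\
   Tty Typ     Tx/Rx    A Modem  Roty AccO AccI   Uses   Noise  Overruns   Int
     0 CTY              -    -      -    -    -      0       0     0/0       -
*    1 AUX   9600/9600  -  inout    -    -    -    265       0  2607/0       -
*    2 VTY              -    -      -    -   20   1147       0     0/0       -
"""
RUNNING_CONFIG = """\
line aux 0
 modem InOut
 no exec
 transport input all
 transport output none
line vty 0 4
 access-class 20 in
 transport input telnet
"""

def reverse_telnet_ports(show_line):
    """Map AUX/TTY rows of 'show line' to the TCP port 2000 + line number."""
    ports = {}
    for row in show_line.splitlines():
        m = re.match(r"\s*\*?\s*(\d+)\s+(AUX|TTY)\b", row)  # leading '*' marks an active line
        if m:
            ports[f"{m.group(2)} line {m.group(1)}"] = 2000 + int(m.group(1))
    return ports

def lines_accepting_telnet_without_acl(config):
    """Return 'line ...' blocks with an explicit telnet-capable 'transport input'
    and no inbound access-class. Platform defaults are not modelled (assumption)."""
    blocks, current = {}, None
    for raw in config.splitlines():
        if raw.startswith("line "):
            current = raw.strip()
            blocks[current] = []
        elif raw.startswith(" ") and current:
            blocks[current].append(raw.strip())
        else:
            current = None  # left line-configuration context
    findings = []
    for name, cmds in blocks.items():
        protocols = {p for c in cmds if c.startswith("transport input ") for p in c.split()[2:]}
        has_acl = any(re.match(r"access-class \S+ in\b", c) for c in cmds)
        if protocols & {"all", "telnet"} and not has_acl:
            findings.append(name)
    return findings

print(reverse_telnet_ports(SHOW_LINE), lines_accepting_telnet_without_acl(RUNNING_CONFIG))
```

On the constructed input only "line aux 0" is reported; the VTY block also accepts telnet but carries "access-class 20 in", matching the AccI column in the article's output.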