Telnet is widely used as an in-band management protocol today for remotely administrating Cisco devices. As long as you have IP connectivity to the Cisco device and have configured a password on the vty lines, you can remotely administer your Cisco switches and routers.
However, it is possible to limit the devices that can Telnet into your devices based upon their IP addresses, which is discussed in our further article, “Using Cisco Access Lists.”
In User EXEC and Privileged EXEC of the IOS, it is possible to Telnet from your Cisco device to another device. By typing telnet followed by the IP address that you are trying to reach, you initiate a Telnet session from your local router or switch. In all actuality, you do not even need to use the telnet keyword. If you just type an IP address or a hostname (assuming name resolution), the IOS automatically assumes you are attempting to Telnet to that host.
For example, if you Telnet from the 28111 routers to the remote 1801, the output would look similar to the following:
CCNA2811>telnet 192.168.100.5 Trying 192.168.100.5 … Open User Access verification password: Engineering1801>
At this point, you can configure the Engineering1801 router as if you were directly consoled into it. However, there may be a time where you need to jump back to your original router to incorporate additional configurations, verify connectivity, or Telnet into other devices.
While connected to the remote device, you can suspend your Telnet session temporarily and return to the origin of the Telnet session (CCNA2811 in our example). The useful, but strangely awkward keystroke to suspend a Telnet session in Ctrl+Shift+6 followed by hitting the x key. Keep in mind that this only suspends the Telnet session; the session is still connected and running in a background process.
As shown in the following figure, you can verify the Telnet sessions that have originated from the local device by using the show sessions command. This example initiates and suspends two separate Telnet sessions from the CCNA2811 router.
Notice that each session connection is numbered and there is an asterisk next to connection 2. This is the last Telnet session that was suspended and it is the session that will be resumed if you hit the enter key without typing a command. You can also choose which Telnet session to resume by typing resume, followed by the connection number.
Ctrl+Shift+6, x suspends the Telnet session, but how do you actually close the Telnet session when you are finished? The answer is twofold. You can close a Telnet session from the originating local device by typing the keyword disconnect followed by the connection number. From the device into which you are Telnetted, you can also type exit or logout from User EXEC or Privileged EXEC.
By default, your Cisco devices send their notification messages such as debug outputs, interface alerts, and system error messages to the console port. This means that you cannot send these notifications over a Telnet session to another device by default.
To have these messages copied to the vty lines, you need to use the terminal monitor command in Privileged EXEC mode of the device to which are Telnetted. For instance, in the configuration shown, Router A Telnets into Router B and enters Privileged EXEC mode to type the terminal monitor commands, debug outputs, notifications, and error messages are then sent over the vty lines to be viewed by the remote terminal.
RouterA>telnet 10.1.1.1 Trying 10.1.1.1 … Open User Access Verification password: RouterB>enable Password: Router#terminal monitor
Step by Step
- Telnet into your neighbor router by typing telnet, followed by the IP address.
- Suspend that Telnet session by using ctrl+shift+6, x keystroke.
- Verify that suspended Telnet session by typing show session.
- Disconnect the Telnet session by typing disconnect, followed by the connection number.
IOS DHCP (Dynamic Host Configuration Protocol)
One of Cisco’s many goals is to make their routers more versatile than simply just routing pack etc. case in point, Cisco has incorporated security, switching, wireless, and or voice in their line of Integrated Service Routers to provide multi-functionality out of a single device.
In that same vein, the Cisco IOS has some convenient features that can provide services to small-to-medium size businesses minimizing the reliance on other devices and servers. One of those services that the Cisco router can provide is to act as DHCP server for a LAN to assign DHCP-enabled devices an IP address, address of the default gateway, domain name, and the DNS server address.
To start the configuration for this service, you have to configure your ethernet interface and make sure that it is up, administratively enabled, and assigned an IP address as described in previous articles. This makes logical sense since this is the interface that is connected to the DHCP-enabled clients. The next step is to logically define the DHCP address pool using the ip dhcp pool pool name command. Once you enter this command, the router prompt will indicate that you entered a DHCP sub-configuration mode that looks like the following:
CCNA2811(config)#ip dhcp pool kumarjanglu CCNA2811(dhcp-config)#
Once in dhcp config, you can specify the parameters that will be passed to the requesting client. For instance, to define the IP network scope that the router will use when leasing IPs, you can the network command followed by the subnet (not single IP) and the subnet mask in decimal form:
CCNA2811(dhcp-config)#network 172.16.0.0 255.255.0.0
You can also use CIDR notation for the subnet mask as demonstrated here:
CCNA2811(dhcp-config)#network 172.16.0.0 /16
Now, when devices with DHCP enabled come online and send a DHCP request for an IP, the Cisco router will receive that information and respond with an IP from the 172.16.0.0 network. In addition, it can also be configured to assign the default gateway (which is probably the router), the address of the DNS server, the domain name of the LAN, and specify the length of time of the IP is leased by the client. The configurations for these parameters are as follows:
CCNA2811(dhcp-config)#default-router 172.16.100.1 CCNA2811(dhcp-config)#-server 172.16.100.50 CCNA2811(dhcp-config)#domain-name kumarjanglu.com CCNA2811(dhcp-config)#lease 7 2 45 CCNA2811(dhcp-config)#exit
Given the preceding configuration, DHCP enabled clients will be assigned to the kumarjanglu.com domain and have a default gateway of 172.16.100.1, use 172.16.100.50 as a DNS server to resolve domain names to IP, and DHCP lease of this information will last for 7 days, 2 hours, and 45 minutes.
Since we already statically assigned the IP addresses of 172.16.100.1 to our default gateway and 172.16.100.50 to our DNS server, we want to make sure the router does not assign these IP addresses to device or else it would cause an IP conflict in our network. To exclude an IP address or an IP address range, use the ip dhcp excluded –address ip address in Global configuration for a single IP or define a range of IPs using the same command but defining a start IP an end IP.
In our example, we want to exclude the IP’s 172.16.100.1 and 172.16.100.50, so our configuration would look like:
CCNA2811(dhcp-config)# dhcp excluded-address 172.16.100.1 CCNA2811(dhcp-config)# dhcp excluded-address 172.16.100.50
If we used that 172.16.100.x range for other statically assigned devices, we could simply just exclude all IP addresses from 172.16.100.1 through 172.16.100.254 like this:
CCNA2811(dhcp-config)# dhcp excluded-address 172.16.100.1 172.16.100.254
To verify what devices are assigned IP’s from our router’s address scope, use the show ip dhcp binding command like the following;
CCNA2811#show ip dhcp binding Bindings from all pools not associated with VRF: IP address Client-ID/Lease expirationType Hardware address/Username 172.16.100.2 01e0.041f.a632.a2 Dec 27 2007 11:59 PM Automatic
Some of you may be reading this DHCP functionality and realize that you do not need it because you already have a configured and fully functional DHCP server. The Cisco IOS also gives you the option to configure your router’s interfaces to be a DHCP client as well; allowing you to use your existing DHCP server and have it assign an IP address to your interface. The command to do this is similar to statically assigning an IP address to your interface, except you specify the keyword dhcp instead of an actual IP address:
CCNA2811(config)# interface FastEtherent 0/0 CCNA2811(config-if)# ip address dhcp
The address that is assigned to the router’s interface cannot be seen by using the show running config command since it is a temporary address. Instead, you can verify it by using the show dhcp lease command like the following:
CCNA2811#show dhcp lease Temp IP addr: 172.16.100.2 for peer on Interface: FastEthernet0 Temp subnet mask: 255.255.0.0 DHCP Lease server: 172.16.1.1, state: 3 bound DHCP transaction id: 1967 Lease: 16000 secs, Renewal: 3000 secs, Rebind: 16000 secs Temp default-gateway addr: 172.16.1.1 Next timer fires after: 00:00:32 Retry count: 0 Client-ID: cisco-0019.e86a.6fc0-V11 Hostname: CCNA2811
This is the last article of our Foundation Cisco configurations. You can read the other basic article here.