Random Cisco geekery, issue 2: Use one router to console into another, aka Reverse Telnet.

Normally we use our PC to connect to the Console port of a Cisco device. However there’s another thing you can do, which is using the AUX port of a router to connect to the Console port of another router (well, even the same actually, if you really fancy).

There are several reasons why you would learn this. One of this is that there are some devices called Access Servers (such as a Cisco 2509) which can let you connect to up to 8 console ports using so-called Async ports. Alternatively, you can use a network module like NM-16A, which is basically doing the same. Attached to this, you would normally use an octal cable (also called “the octopus” for the naughty ones).

The other reason (my case, coincidentally), is just because your USB-to-Serial dongle works like sh*t.

Step 1: prepare a rollover cable.

You can just buy one, but why? It’s just like an Ethernet cable with a different pinout – which, must say, it’s even easier than T568A/B, as whatever colour order you have chosen on one side, you just need to do exactly the opposite on the other, so that the first coloured wire becomes the last, the second becomes the seventh, the third becomes the sixth and so on.

As far as I know there are no standards on the colour order, so I chose this on the two sides:

  1. Orange, White-orange, Green, White-green, Blue, White-blue, Brown, White-brown;
  2. White-brown, Brown, White-blue, Blue, White-green, Green, White-orange, Orange.

Step 2: learn Reverse Telnet.

Now: how can we use the AUX port?

Cisco devices have some special ports that can be accessed via Telnet. These ports follow the format 2nnn, where nnn stands for the line number. By telnetting into these ports, you’ll get access to the line you need – in this case the AUX port.

First of all we need to tell the router to accept inbound connections on the AUX line:

To get the value for nnn, just issue a show line from the router.
In this case nnn = 065.

Then get the IP of any interface that is not down. In this case, just to be sure that this would work anyway, I have created a loopback interface with IP address =, and this is what I’m going to use:

And finally, we combine all these info:

Here we go. R1 has offered its AUX port to let you log into R2 via its console port.
Let’s try to exit, so that we come back to R1.

Hey, something went wrong here. Guess what? As you have probably experienced already, the console port is always up. This means that when you issue the exit command, this actually closes the session, but not the underlying connection, like telnet would do (remember, you’re telnetting into R1 itself now, not R2).

There’s a keystroke that comes into help: press Ctrl+Shift+6 and then x. This keystroke suspends a telnet session and brings you back to the original prompt:

All good then? No. The session is suspended, not closed, and if you will just press Enter you’ll return to R2:

How do we fix this? You need to forcefully shut down the telnet session while being in R1:

Note that, after clearing the line, I can press Enter and I’m still in R1.

But also note that the clear command doesn’t really work like a charm, as often you need to issue the command more several times before actually seeing the line disappear from show users. This is important: as long as the line shows active, any further attempt to reverse telnet will stop with a frustrating message saying “Connection refused by remote host”.

Note something down here. Put some effort into it.