NM-8A/S module as a terminal server

Using NM-16A/S or NM-32A/S is easy peasy, because they are dedicated terminal server modules and you have octal cables. But NM-8A/S is a bit more complex because you need more cables, adapters, and special commands to get this working. Now, I don’t recommend the NM-8A/S modules but sometimes you can get them really cheap compared to the other ones, so here’s how to set it up as a terminal server:

  • put the module into a 2621xm router (or any of the routers listed on nm-8A/S Cisco page)
  • take a Cisco CAB-232MT cable, connect it to one of the ports on the module
  • take the male end of the CAB-232MT cable and connect it to DB-25female>DB9male adapter.
  • connect the adapter to a standard cisco blue console cable
  • plug the rj45 into some other router’s console port

Now power up the 2621xm, go to the serial interface (remember that they’re numbered from the right):

conf t

int s1/0

physical-layer async

 

This causes the serial to go into async mode.

Now issue the command:

show line

This command shows you which line you need to use (in my case it was line 33, because the it’s S1/0 module. If it was S0/0 module, it would be line 1.)

Then, make a loopback0 interface and add an ip address to it:

int loop0

ip addr 10.0.0.1 255.255.255.0

Then, go to the line interface and modify the transport parameters:

conf t

line 33

transport input telnet

transport output telnet

 

Finally, create a host/port mapping:

ip host R1 2033 10.0.0.1

This maps the address/port to the name of the router that you want to manage.

Now you can manage other routers by telnetting to this router’s loopback interface:

telnet 10.0.0.1 2033

This moves you to the R1 console port.

Alternatively, just type R1 and press Enter.

You can use Shift+Ctrl+6 and then X to leave the managed router and go back to your terminal server.

Now add more mappings for other managed routers:

ip host R2 2034 10.0.0.1

ip host R3 2035 10.0.0.1

ip host R4 2036 10.0.0.1

and so on and so forth.

Rack 1 ready to rumble

Just look at this: Isn’t this beautiful?  This is the rack that I’m going to use for demos:

1×3560

2×3550 (soon to be replaced by 3560v2 or 3560e)

2651xm + NM-32A (access server)

ASA 5520 (for vpn users)

1×2801

1×1921

5×1841

1x SRX210 (in case I want to draw a comparison with Junos)

In each rack there will be a small Edimax wifi router so that each group can connect to a separate SSID on a separate wifi band.

Big thanks to Kaziu!!! (”tak to by człowiek się w niedzielę obijał i chodził z kąta w kąt”)

dsc_0014

Logging discriminator on routers and switches, logging lists on ASA

 

If your routers/switches send useless but high-level messages to your syslog server, you can use a logging discriminator to eliminate some unwanted log messages.

 

This is an example of a cisco bug message on a Cisco 881 router. It doesn’t mean anything and can only be fixed with an ios upgrade. You can also choose not to do anything about it because nothing is actually broken, but the syslog has a critical class and looks ugly in your kiwi logs.

734605: Jul 15 12:33:26.295 CEST: %SYS-2-CHUNKINVALIDHDR: Invalid chunk header type 1 for chunk 8419EBA4, data 8419FEEC -Process= „Net Background”, ipl= 3, pid= 27,  -Traceback= 0x8084F720 0x80037078 0x8034D438 0x8170FA3C 0x8170D6AC 0x8170D978 0x816E6BD0 0x8190F7CC 0x8190FDC0 0x80C13514 0x8144F354 0x803241D4 0x80C1370C 0x8144F354 0x80B3B538 0x81450CC8

To eliminate this critical syslog entry, use a logging discriminator.

logging discriminator NOCHUNK severity drops 2 facility drops SYS mnemonics drops CHUNKINVALIDHDR

logging console discriminator NOCHUNK

logging monitor discriminator NOCHUNK

logging trap warnings

logging host 10.0.0.1 discriminator NOCHUNK

 

On firewalls, you need a different approach, because the discriminator has not been implemented on ASA.Therefore, you need to add messages on top of a specific logging level.

Logging message 111111 level errors (find message number in cisco documentation)

or use lists:

logging list my_critical_messages level 1
logging list my_critical_messages message 611101-611323
logging trap  my_critical_messages