pat@convex.com (Pat Peters) (03/08/91)
We have an unusual situation that I'd like to user a terminal server for. I'm interested in opinions on which terminals servers might be able to accomplish what I want to do. We have quite a few machines in our lab. Using a lab machine requires connection to the consoles (there are two) via RS-232. However, you can do lots of work without ever being in the physical presence of the machine. Right now we've run serial connections to some async ports on a time sharing machine and you can use tip, kermit, etc. to get your hands on the consoles without having to visit the lab. You can be in your office and use your workstation, which is a much more comfortable and productive environment for many people. Nice as this is for the users, it's a pain for the sys admins. If someone wants to use a particular lab machine via tip, they have to have a user id on the machine that has its console connections. We also get to string lots of serial cable from the lab into the computer room. It's ugly, it's inflexible, there's got to be a better way. What we really want to do is hook up the console ports to a terminal server and have people telnet/rlogin to the terminal server and then come out through the serial ports--exactly the reverse of how you'd normally use a terminal server. I'm told that most terminal servers don't have the ability to accept incoming telnet/rlogin sessions in the quantity necessary to make this viable. Anyone out there have some suggestions? Thanks -- Pat Peters Convex Computer Corporation UUCP: pat@convex.com 3000 Waterview Pkwy Richardson, TX 75080 Voice: (214) 497-4706
BILLW@mathom.cisco.com (WilliamChops Westfield) (03/08/91)
What we really want to do is hook up the console ports to a terminal
server and have people telnet/rlogin to the terminal server and then
come out through the serial ports--exactly the reverse of how you'd
normally use a terminal server. I'm told that most terminal servers
don't have the ability to accept incoming telnet/rlogin sessions in
the quantity necessary to make this viable.
Interestingly enough, this is almost exactly how cisco's internal
router test labs are set up. - racks full of various routers with
their consoles connected up to some of our terminal servers. We
then access the consoles via telnet from X windows on various machines,
so that you can have the consoles of various machines (with logs) sitting
in front of you at the same time. It works great...
I don't know that I'd say that "most terminal servers dont support
incoming telnet" - I know of few that don't. I like to think that we
do it better than many - for example, you can limit which systems can
connect to a port, and require them to provide a username/password
before they actually get to send data to the port (handy both for
security, AND for figuring out who is using that port when someone
else needs it!) Check in your terminal server manual under 'configuring
non-terminal devices".
Anyone out there have some suggestions?
One thing to watch out for is that power-cycling the terminal server
may generate what looks like a BREAK to the systems connected to the
ports. This can drop them into a nice ROM monitor, effectively crashing
them from the users point of view. You either need to diable BREAKs on
those systems, or use some sort of external pullup to prevent the BREAKs
from appearing...
Bill Westfield
cisco Systems.
-------dd@ariel.unm.edu (Don Doerner) (03/10/91)
In article <1991Mar08.003144.12983@convex.com> pat@convex.com (Pat Peters) writes: > What we really want to do is hook up the console ports to a terminal > server and have people telnet/rlogin to the terminal server and then > come out through the serial ports--exactly the reverse of how you'd > normally use a terminal server. I'm told that most terminal servers > don't have the ability to accept incoming telnet/rlogin sessions in > the quantity necessary to make this viable. > > Anyone out there have some suggestions? Actually, most terminal servers that I have seen will allow you to do this... I am doing it with cisco terminal servers on a routine basis. I know that others work as well. If anyone wants details, follow up with e-mail, please. Don Doerner, Manager, Network Services University of New Mexico Computer and Information Resources and Technology Disclaimer: *** Yeah, right! As if anyone could hold them liable anyway! ***
lim@slc6.INS.CWRU.Edu (Hock Koon Lim) (03/19/91)
In article <33075@boulder.Colorado.EDU> BILLW@mathom.cisco.com (WilliamChops Westfield) writes: > >I don't know that I'd say that "most terminal servers dont support >incoming telnet" - I know of few that don't. I like to think that we >do it better than many - for example, you can limit which systems can >connect to a port, and require them to provide a username/password >before they actually get to send data to the port (handy both for >security, AND for figuring out who is using that port when someone >else needs it!) Check in your terminal server manual under 'configuring >non-terminal devices". I know cisco terminal server can configured with username/password for "incomming connection" to a port. I am unable to configure it to ask for username/password in the "out going" connection like reverse tcp service. Am I doing something wrong? Another point of interest on SLIP implementation on cisco terminal server. On current configuration for SLIP line, each port is associated with an IP address. If you set it these ports on the modem pool for imcomming connection, users will pick up an IP address which associated with that particular port. I would like to be able to do username/password and then assign an IP number that this associated with the username. Will cisco plan to support this kind of configuration in the future? >Bill Westfield >cisco Systems. >------- Thanks, -- Hock-Koon Lim, Information Network services Case Western Reserve University; Cleveland, Ohio, USA 44106 (216) 368-2982 lim@ins.cwru.edu
BILLW@mathom.cisco.com (WilliamChops Westfield) (03/20/91)
I know cisco terminal server can configured with username/password
for "incomming connection" to a port. I am unable to configure it
to ask for username/password in the "out going" connection like reverse
tcp service. Am I doing something wrong?
It should "just happen". It works on all the systems here at cisco.
Both the password protection and username/password (tacacs) protection
work on incoming lines (when activated by modem control or activation
character), outgoing lines (just after the telnet connection is
established), and VTYs (ditto).
Another point of interest on SLIP implementation on cisco terminal
server. On current configuration for SLIP line, each port is associated
with an IP address. If you set it these ports on the modem pool for
imcomming connection, users will pick up an IP address which associated
with that particular port. I would like to be able to do username/password
and then assign an IP number that this associated with the username. Will
cisco plan to support this kind of configuration in the future?
The current release (8.2) supports "slip address dynamic". When the user
issues a SLIP command, the TS prompts for a hostname and password, which
are authenticated via tacacs (or extended tacacs).
Bill Westfield
cisco Systems.
-------