|
Cisco normally implements three levels of Reverse-TCP connections
for remotely connecting to their ports;
- 2000+line number for the normal (7-bit) Telnet-like session
- 4000+line number for an 8-bit-escapable session
- 6000+line number for an 8-bit non-escapable session
The TCP-200n range mimics the normal Telnet session, passing
7-bit data normally. This is typically what you will use if you
are connecting remotely to device consoles for remote control.
The TCP-400n range is used if you need to pass 8-bit data,
but you still need to be able to define an Escape character so
that you can drop the session when you are ready. You would use
this when your sessions use PC-type graphics characters (the
128-254 (decimal) character set used on Western keyboards).
The TCP-600n range is reserved for sessions where you need a
complete 8-bit binary path over the serial connection. You would
require this if you need to use the console to transfer files
using a binary protocol such as XMODEM. The disadvantage to this
range is that you lose control of the session once you start it,
and the device you are connecting to must then use hardware
handshaking to signal the Cisco to disconenct the session.
- Because you need EVERY byte in the data path, you can't
reserve an in-band character to invoke your escape from
the connection.
- The serially-connected device you are communicating with
will need to toggle the state of its DTR output (so that
the Cisco sees the change on its DSR input...so you need
to invoke Modem Control).
- If you cannot get the remote device to send the signal,
your only other option is to clear the line from
the Cisco console, at the Enabled prompt.
|
Because of the symmetrical wiring schema used by Cisco
for their RJ-45 consoles, the best way to make a null-modem connection
between two Cisco-schema RJ-45 consoles is to use a CAB-500 'rolled'
8-wire cable (see the diagram below). Note that a Crossover Ethernet
cable will NOT work. If you don't understand why, follow the wires, and
you'll see how the signals get misconnected...
APACN part: 24490-21
|
APACN part: 24490-22
|
|
Standard Ethernet cables follow a specific wiring
pattern. However, not ALL Ethernet cables have 8 wires in the cable,
since a standard Ethernet interface only uses 4 of the wires. For
console connections, you need to make sure that your cables have all
8 wires, either 'straight through' (as shown to the left) for
most connections, or 'rolled' (as shown in the center). The USOC cable
used for CDDI connections will also work as a 'rolled' cable, if you
have them in the appropriate lengths.
|
|
If you need to connect devices over a longer distance
than your CAB-500, you can use standard 8-wire 'straight through'
(Ethernet) cables and a pair of Cisco-schema DB adapters to make the
null-modem signal transition.
The four charts below show you how to use adapters to
make a Null Modem, using standard Ethernet cables to provide the
appropriate lengths. Always match vendor-compatible parts when you are
making null-modem connections! That is, always connect a Cisco-schema
adapter to another Cisco-schema adapter, MOD-TAP with MOD-TAP, etc., to
ensure that the wiring is correct from one end to the other. Your
connection will not work (or, if it works, it will likely not work
completely) if you mix adapters with different wiring schema.)
|
Essentially, you need to make sure that you are
using a pair of adapters that;
|
|
Cisco Adapter combinations
|
Version
|
A-side
|
B-side
|
|
1
|
CMDCE
|
CFDTE
|
|
2
|
CMDTE
|
CFDCE
|
|
Micro-Annex Adapter combinations
|
Version
|
A-side
|
B-side
|
|
1
|
AMDCE
|
AFDTE
|
|
2
|
AMDTE
|
AFDCE
|
|
Xyplex Adapter combinations
|
Version
|
A-side
|
B-side
|
|
1
|
XMDCE
|
XFDTE
|
|
2
|
XMDTE
|
XFDCE
|
|
IOLAN Adapter combinations
|
Version
|
A-side
|
B-side
|
|
1
|
IMDCE
|
IFDTE
|
|
2
|
IMDTE
|
IFDCE
|
|
|
|
To connect most Cisco console ports to another Cisco
console port, use a 'rolled'
(8-wire) cable.
Due to the nature of Cisco acquiring other companies,
there are some devices with a Cisco brand that use the Cisco RJ-45
wiring schema, but they do NOT use all of the signals. That is, they
may only use the Data leads, or they may not use Hardware Handshaking.
However, if they have converted to the RJ-45 connector, they have also
used the legacy wiring schema. I'm still on the lookout, in case there
is a Cisco product from an acquisition that uses the previous companies
RJ-45 pinouts.
In order to make it easier to connect various devices to
Cisco console ports, or to Cisco-schema patch panels, I've created my Cisco Host-to-Adapters Page,
which lists the various devices on which I've checked the serial
interfaces. There are more than 500 devices in my connectivity
database, and the adapter pages list the devices, and tells you which
adapter (or cable) you will need to connect each device to either a
Cisco console port, or to a patch panel.
There are a few Cisco devices that have RJ-45 consoles
that are wired the null-modem opposite from the Cisco wiring standard.
The three devices listed below were (I believe) Catalyst products. They
are also listed on the Cisco
Host-to-Adapters Page, with information about which cable to
use. (The RJ-45 wiring used on the console on these devices appears to
be a patch panel, and not a console port.)
- 1100 switches
- 1200 switches
- 1400 switches
Cisco also sells an 8-cable "Hydra" interface (Cisco
part 72-0845-01) from the 68-pin high-density
connector to male RJ-45 connectors, having 3-foot long leads. These can
be used with the 68-pin connectors on the Cisco 2500-series terminal
servers, as well as the NM-16A and NM-32A async serial Network Modules.
These cables have the same pinouts as an Ethernet cable plugged into
the Cisco Patch Panel. You can
check the online Cisco cable
specification.
BEWARE: The Hydra
cable will not work directly with the 'different' devices listed above,
because the consoles on those devices are wired the 'null-modem'
opposite from the regular Cisco console schema. The Hydra cable was
designed to connect to the normal console ports.
The Cisco-schema patch
panel from APACN are wired the null-modem opposite from the
Cisco console ports, so that a Cisco RJ-45 console port can attach
directly to a Cisco patch panel using an Ethernet
(8-wire, straight-through) cable.
|
|
You can connect a modem to almost any Cisco device.
(Your modem configuration may be affected by the signals available on
the Cisco device, i.e. flow control and hardware handshaking.) Attach
the CMMOD adapter to the
female DB-25 connector on most modems, and use an appropriate length of
Ethernet cable (and another adapter on the host-side, as needed), as
indicated in the illustrations below.
Whether you attach your modem to the Console, or to the
Aux port will need to be reflected in your line configurations. (Do you
want to enforce a local login (with a crypt password, stored on the
Cisco device), or use a stronger, centralized authentication service
(such as RADIUS or TACACS+)? Your line configuration will probably need
to include the "line in/out modem" parameter. You also need to
configure whether you will need to enable the modem connection for a
"protocol" session, such as PPP, which may need an 8-bit clean data
path. (In the last case, your modem DCD signal needs to be able to tell
the Cisco port when the modem is on-line, so it's more important to get
the physical connection right, so that the Cisco port will log the
user/session off when the modem connection is lost or dropped.)
This section is,
unfortunately, a bit vague, due to a few problems.
- The variety of
connectors used on console ports on Cisco gear, mainly due to the
acquisitions of other companies by Cisco.
- Some
consoles may not care if DSR is toggled, but that's how the modem will
signal whether a call is on the line, in the configurations shown below
(since the Cisco RJ-45 schema doesn't have a separate DCD wire).
- The settings for
the various devices, to talk to the modem
- Some
consoles may need to be configured to understand that there is a modem
on the console
- You should
probably put an IDLE timeout on these console (or aux) ports, to
hang-up after a period of inactivity, since these are your consoles!
- While you
*may* be able to configure some ports to allow SLIP or PPP, you
probably don't want that in most instances. You may need to invoke
certain commands to prevent that possibility on some devices.
- The modem
settings required to make whichever modem you choose work.
- I
like the USR/3-Com Courier modems if you are connecting to these ports
so you can dial into them. (Personally, I'd avoid the USR Sportster for
dial-in use, because you cannot lock-down certain settings!)
- You may need
to modify the settings so that DCD reflects the state of the phone
connection, since the MMOD connector ties the DSR pin of the adapter to
the DCD signal of the modem.
As a result,
configuration of the Cisco line and interfaces, for the most part, are
left as an exercise for the reader. Sorry! If you have some specific
questions, I'm willing to field them via email, but have your modem
manual handy.
Defining what you need the modem connection to do (and
deciding what it shouldn't do, and what it doesn't need to do) should
be your first step, then head for the Cisco configuration command
reference for your version of IOS. Here are some guidelines for
configuring the modems;
- Determine the highest reliable RS-232 speed, common
to the Cisco device and the modem
- Set the modem port speed to that high speed
- Do NOT let the modem "auto-detect" the connection
speed, or change the RS-232 port speed!
- Set up the connection for hardware flow control on
the modem and the Cisco port
- Ensure that your cables and adapters are wired
correctly for flow control.
- I normally turn software flow control off...
- Configure the modem so that the DSR and DCD line
reflect the 'on-line' status
- Determine the optimum modem config string, and save
that to NVRAM on the modem
- Teach the modem to auto-load that config when the
modem resets
- Teach the modem to reset whenever the call is
disconnected, or DTR is cycled...
- Teach the Cisco how to also send that config
string, if needed
Devices with a Cisco RJ-45(f) console port can be
connected using an Ethernet Cable to the CMMOD adapter and
modem. (You would use a USOC-rolled cable to connect the CMMOD to a
Cisco-wired patch panel.)
Devices with a DB-9(f) console port can be connected
using an appropriate DB-9 adapter and an Ethernet Cable. You can refer
to my Minor
Scroll of Console Knowledge for tips on how to make sure you
are using the appropriate adapter.
Devices with a DB-25(m) console port can be connected
using an appropriate DB-25(f) adapter and an Ethernet Cable. (Most
Cisco devices which have a DB-25(m) console will also have a DB-25(f)
Aux or Modem port, which you can also use.)
Finally, realize that the physical connection will be an
important starting point. Get the connection set first, including speed
settings, before you go much further with your testing. Flow
control will likely be your biggest hurdle, since the modem can
introduce data latency issues because of speed differences on the telco
link, as well as the serial conenctions to the modems on each end of
the link, as seen in the next illustration.
 If you want to use any compression between the modems,
you need to set the serial speed to at least 2x, and preferably 4x (or
more) faster than the modem link speed. At 2x, the compression will not
give you much advantage, because the modems need time to compress and
decompress the data. Using 4x or more will show you some data
throughput improvement. But, the higher your serial speed, the more
likely you will have flow control issues between the modems. And, if
you have a high serial speed trying to send to a slower serial speed,
you may find that you are filling buffers in the mode, and possibly at
the slower serial link. If flow control isn's set up properly, you will
see data loss.
In summary; using modems in a data link will be a
challenge, and maybe even a pain. You will save yourself some grief by
spending a bit more, and getting really good modems, from a
manufacturer with a good support staff. You should also try to download
the manual for the candidate modems from the manufacturers website, and
see if you can understand the configuration information about flow
control, serial and phone speed controls, and compression. If you can't
understand the manual, try looking at other manufacturers.
|
|
When you have a device with a non-Cisco RJ-45 console
port, you will either need to use a combination of a Cisco adapter
(connected to the Cisco device), and another non-Cisco adapter
(connected to the non-Cisco device) to create the interface between the
two wiring schemes, buy you will need to buy or make a special cable. The common choices
for these connections are usually DB-25 RS-232 adapters, so you can
easily check your work by connecting a passive RS-232 signal tracer, or
a breakout box, in between the adapters.
The table below documents such connections, using
Ethernet cable (8-wire, straight-through) cables between the patch
panel, the devices and the adapters. The keys to making this type of
connection work are;
- Have the proper RJ-45 wiring schema, connected to
each device
- (attach the Cisco-schema adapter to the Cisco
device)
- (attach an adapter to the 'other' device which is
wired for the appropriate RJ-45 schema)
- The adapters must have complimentary DB connectors
- (the same number of pins; one male, one female)
- (it doesn't matter end which is which gender)
- One adapter must be DTE, and the other must be DCE
- (If both adapters are DTE, or both are DCE, the
connection will not work)
- Use your passive signal tracer to make sure that the
signals are correct
You can find more tips on my Minor
Scroll of Console Knowledge page.
|
Non-Cisco device
|
Device-side adapter
|
Cisco-side adapter
|
|
Micro-Annex (preferred)
Micro-Annex (alternate)
|
IMDCE, or MOD-TAP 06-988-401-00
IMDTE, or MOD-TAP 06-988-262-20
|
CMDTE
CMDCE
|
|
|
Tips for configuring the serial ports on terminal
servers for remote access to attached serial devices. (This is the type
of configuration that could be used with Conserver,
or to allow someone to use a TCP session to a high-TCP port to the
Cisco device, for connecting across the network to a specific serial
port on the Cisco device.)
- Choose which line(s) will be used for connecting to
serial devices.
- Don't run an 'exec' session on the port(s)
- (if you do, the Cisco login may 'chat' with the
attached devices login session...)
- (output data from the attached devices would be
perceived as attempts to log in...)
- Don't set the port(s) for local login.
- (this will cause the Cisco port to issue a login
when it sees the connection. The login will time out, and disconnect
the TCP session. Conserver will reinitialize the connection, but this
will fill your Conserver logs...)
- Set the port to allow Reverse Telnet.
- Set the port speed, data bits, parity, and stop-bits
(most folks use 9600-8-N-1)
- (there are arguments for setting the port speeds
higher.)
- (make sure that the Cisco port speed matches the
attached devices port speed.)
- Decide if you want/need software or hardware flow
control.
You can use the example below to get started.
line 1 16 (set individual lines, or 'line ranges'...)
no exec
no login local (local login will fill your logs...)
transport input telnet
speed 57600 (pick your speed(s)...)
databits 8
parity none
stopbits 1
flow control [none|software|hardware]
If you are connecting these Console Server ports to the
serial consoles of your network equipment, remember to consider these
other points;
- Set an idle timeout on the console exec of the
network gear (on the attached devices, not on the
terminal server!)
- You probably don't want someone to leave a port
in the enabled mode, and then let another user to connect to the port
after them to have the enabled access!
- Add a password (or other authentication) to the ports
of your attached devices (just like you would do for read-only access
via telnet.)
Configuring the AUX port for
Reverse-TCP
Normally, the AUX
port of a device can be configured with commands similar to those shown
above, to respond to reverse-TCP connections. The Aux port has
typically been assigned as the highest async line in the device, but
some AUX ports may not respond
to configuration for reverse-TCP. (For example, configure line aux 0 as
described above, to be able to enable reverse-TCP to the Aux port.)
Note: You can NOT
set a Cisco console to respond to reverse-TCP. You can set line con 0 for any of the settings above
except the transport input telnet, which is the bit that enables
reverse-TCP.
On a system that uses NM-nnA async modules, presume that
all of the NM slots will have 32-port modules installed, and total the
number of ports, and then add one to access the Aux port. (In a C3620,
you could have two NM-32A modules, for a total of 64 ports, so the Aux
port would be the 129th port, and you would reverse-TCP to port 2129 to
reach it, if it has been configurd for transport input telnet. In a
fully-loaded 3660, the Aux port would be port 2225.)
On the 2800 and 3800 devices, it seems that the Aux port
was
assigned as line 1 (reverse-TCP to port 2001), and then all of the
other
async ports have line numbers assigned by which slot/port/hwic where
they are installed. (See the 3800 Config sestion for more info about
line to slot/port mapping.)
This doesn't match the Cisco legacy, and Cisco folks are
looking to see
if they can change this in software to match the legacy mentioned here.
It may be hard-coded in hardware. I don't know when/if it will match
the legacy model in the future. For now, I can only tell you to test
one of
the lines you have installed, and see which cable responds for you.
|
|
When using the 2600 and 3600 family devices for remote
access to attached serial consoles, there are a few things you need to
consider. Foremost (in my opinion) is that the "line numbers" (also
async interface numbers) are hard-coded to the slots of the chassis.
This means that wherever you put your async interface module will
determine which line numbers will correspond to those async serial
ports.
Here's the way the async line numbers are assigned;
Slot 0: lines 1-32
Slot 1: lines 33-64
Slot 2: lines 65-96
Slot 3: lines 97-128
Slot 4: lines 129-160
Slot 5: lines 161-192
Slot 6: lines 193-224
So, my recommendation is to put the network interface
module(s) in the highest-numbered slot(s) when you can, and start
loading your NM-xxA cards starting in Slot 0, working your way up
consecutively.
The slot numbers are stamped in the sheet metal that
makes up the rear of the chassis, but sometimes the stamping was a bit
hard to see. The diagrams showing the slot numbers of the C3620 and
C3640 are shown below (looking at the rear of the chassis).
|
Here's the way the c3620 line
numbers are assigned;
Slot 0: lines 1-32
Slot 1: lines 33-64 (or network I/O...)
|
|
|
Here's the way the c3640 line
numbers are assigned
Slot 0: lines 1-32
Slot 1: lines 33-64
Slot 2: lines 65-96
Slot 3: lines 97-128 (or network I/O...)
|
|
The next issue to consider: the line numbers are
assigned in blocks of 32, but you can also use the NM-16A
(with only 16 async ports) in any of the slots. However, the port
numbers will then have gaps in them. (The line numbers won't shift, due
to the smaller number of ports on an NM-16A, to give you a contiguous
range.) This is something to be aware of as you are determining which
TCP port to call for remote access.
Here's the way the async line would be assigned for NM-16A modules;
Slot 0: lines 1-16
Slot 1: lines 33-48
Slot 2: lines 65-80
Slot 3: lines 97-112
Slot 4: lines 129-146
Slot 5: lines 161-176
Slot 6: lines 193-208
Finally, a pet peeve of mine: The designers of the c26xx
product family, and the C3660 product, assigned the built-in network
interfaces as "Slot 0". From a human-user interface standpoint, I think
this was a bad move for two reasons;
1.) Since the 3620 and 3640 start the slot numbers on the lower-right
(as you look at the slots on the back panel), then the lower-left, and
then the next row up (first the right, then the left), until you run
out of slots. In the case of the C3660, with six slots, I'd presume
that these were slots 0-5, and Slot 6 was the built-in (since it's
located at the top).
|
Here's the way the c3660 line number are assigned;
Slot 0: Network I/O
Slot 1: lines 33-64
Slot 2: lines 65-96
Slot 3: lines 97-128
Slot 4: lines 129-160
Slot 5: lines 161-192
Slot 6: lines 193-224
|
|
What this design decision means is that, in the largest 3600
chassis
(the 3660), which you would buy as a 192-port terminal server, that
you can never assign lines 1-32. This only becomes a functional issue
when humans need to map the 'first' serial port to TCP port 2033,
instead of 2001. (Anyone interfacing with these 192 ports needs to keep
this 32-port shift in mind, on every interaction.) Fortunately, if you
are using Conserver
to manage these ports, you only need to worry about this shift once, as
you are adding these devices into the configuration file.
2.) In the case of the c2600 family, I'd have put the NM slot on the
right (as you are looking at the rear of the unit), in the 'slot 0'
position, and put the built-in interfaces on the left.
|
Here's the way the C26xx line numbers are assigned;
Slot 0: Network I/O
Slot 1: lines 33-64
|
|
|
|
When using the 1800, 2800, and 3800 family devices for
remote
access to attached serial consoles, there are a few things you need to
consider. Foremost (in my opinion) is that the "line numbers" (also
async interface numbers) are hard-coded to the HWIC slots of the
chassis.
This means that whichever HWIC port you use for your HWIC async
interface module will
determine which line numbers will correspond to those async serial
ports.
Async line
number 1 is reserved for the AUX
port, and the line numbers for the HWIC ports are shited up
accordingly. This is not consistant with Cisco legacy, where the
AUX port is the highest line in the chassis. I found this curioustity
in July of
2006. After I reported this, Cisco was
looking for a way to make the 3800 conform to the legacy sequence.
(Testing in September with the 2800 series found that they also have
this anomally, and there is no word from Cisco whether this was a
hardware mapping, or if they will change the behavior in a future
version of IOS to match the legacy style.)
Here's the way the async line numbers are assigned;
* Even if you only use HWIC-8A modules, there is still the modulo-16
offset!
|
Slot
|
HWIC-8A
lines
|
HWIC-8A
TCP ports
|
HWIC-16A
lines
|
HWIC-16A
TCP ports
|
|
0/0
|
0-7*
|
2002-2009*
|
0-15
|
2002-2017
|
| 0/1 |
16-23* |
2018-2025* |
16-31 |
2018-2033 |
| 0/2 |
32-39* |
2034-2041* |
32-47 |
2034-2049 |
| 0/3 |
48-55* |
2050-2057* |
48-63 |
2050-2065 |
| 1/0 |
64-71* |
2066-2073* |
64-79 |
2066-2081 |
| 1/1 |
80-87* |
2082-2089* |
80-95 |
2082-2097 |
| 1/2 |
96-13* |
2098-2105* |
96-111 |
2098-2113 |
| 1/3 |
112-119* |
2114-2121* |
112-127 |
2114-2129 |
TCP port 2000 should be the chassis itself, and TCP 2001
will be the AUX port, if you have configured it for reverse-TCP.
So, my recommendation is to put non-async
module(s) in the highest-numbered slot(s) when you can, and start
loading your HWIC-xxA cards starting in Slot 0/0, working your way up
consecutively. In my experience, it's more intuitive to have the async
modules in a sequential order. That said, I also recommend loading
HWIC-16A cards instead of HWIC-8A cards if you're going to load more
than one card, so you have sequential line numbers. (For one thing,
sequential numbers make it easier to script configuration settings.)
|
Here's the way the c2800 line
numbers are assigned;
Slot 0: lines 0-63
Slot 1: lines 64-127
|
|
|
Here's the way the c3800 line
numbers are assigned;
Slot 0: lines 0-63
Slot 1: lines 64-127
Slot 2: lines 128-223
Slot 3: lines 224-195
|
|
|
Here's the way the HWIC interfaces
are assigned;
interface
Slot/HWIC/lines (0-7 or 0-15)
Interface
0/0/0 0/0/15
|
|
|
|
The Cisco 2509-11 Terminal Servers included async ports,
delivered using 68-pin (SCSI-II) connectors to deliver 8 Async Line
interfaces on each connector. (The C2511-RJ model had 16 RJ-45 jacks on
the back panel, instead of the two 68-pin connectors.)
The Cisco 2600 and 3600
series Access Devices can use an Async Interface module
(NM-16A, or NM-32A) which also uses the 68-pin connectors.
The Cisco 1800, 2800, and
2800 series Access Devices use an HWIC Async Interface
module, and these use a different connector to deliver 8 Async Line
interfaces. These patch panels described below will NOT work with the
HWIC async modules!
If your equipment is close to your Terminal/Console
Server devices, you could use the "Hydra" cable (Cisco part 72-0845-01),
but those cables are only 3 feet long. If you want to connect to
devices farther away, you can connect these with Cisco-schema patch
panel options from APA
Cables & Networks.
Option #1 is a single rack-unit-high
patch panel, with 16 ports, and two (2) 1-meter-long cables, with the
68-pin connectors. Be aware that these are slightly larger than 1-Rack
Unit tall, which will affect rack mount spacing.
- 1) One 16-port Patch Panel for each 2509-11 device
(APACN part number 19309-01).
You can use two of these patch panels for each NM-32A module.
Option #2 is a combination of a
2-Rack Unit-tall, 48-port patch panel, having six (6) AMP 50-pin
telco-type connectors with 1'-long cables. (Each AMP connector serves 8
RJ-45 connectors on the patch panel). You will also need an appropriate
number of adapter cables with 68-pin (SCSI-II connectors) on one end,
and the 50-pin AMP connectors on the other end.
- 48-port patch panel (APACN part number 19309-03, $475.00 USD
each)
- 8-port 68-pin SCSI-II connector to 50-pin AMP
(telco) connector (APACN part number 19309-02,
$90 USD each), and you need one of these cable assemblies for
every 8-port async connector.
The port density with Option #2 is much better for
high-density applications, where you want a lot of ports close to each
other. I've seen these deployed in instances where the (usually) C3640
or c3660 are deployed, and the patch panels are mounted close to the
C3600, and then Ethernet cables are used to connect the patch panel
connectors to "infrastructure cabling" patch panels, in order to
connect to devices in other racks in the data center. (A second option
is to put the patch panel in the rack near all of the devices where you
need console connections, and use longer Telco-type extension cables to
connect the patch panels to the Cisco 3600 device in another rack.
However, there are few instances that I've seen where you need 48
console ports in a single rack.)
Useful Extras: The threaded nuts that
retain the serial cable harnesses on the Cisco 2509-2511 communications
servers, and the async modules for the 3600 series devices, is a wider
diameter than the screws on the APACN cable harnesses themselves (so
the screws on the harness cables cannot be tightened to the 68-pin
connector on the C25xx or NM-xxA). You can get the proper threaded
standoffs from APA Cables & Networks (www.apacn.com) by
asking for part number 25057
("AMP female screw-lock kit", only two pieces/bag), for about $2.50
(USD) per bag(!). You will need one bag per connector, so you will need
two bags per 2509-11, and 4 bags for each NM-32A module.
You can reach APA
Cables & Networks at (voice) 800-422-2537 x-762 or
(fax) 763-475-8457. Steve Vacik ('svacik' at apacn.com) has been
helpful in the past. (I received notice in late DEC 2007 that APACN is
changing thei name. I'll update this contact information once I can
find out that they are still going to support serial console stuff)
Option #3 is a product from Great
Lakes Wire & Cable, (Kevin Reber, 888-833-4592,
sales@greatwire.com). They have a 1 rack-unit panel with (16) DB25 connectors, and
another 1 rack-unit panel with (32)
RJ45 connectors. They have cables from the patch panels to
either the Cisco NM async interface, or to the HWIC interface. You can
also specify DTE or DCE interfaces (by choosing the appropriate
interface cable) which offeres some interesting flexibility.
|
20091S-XXX DCE cable for NM
20091-XXX DTE cable for NM
|
20421-XXX DCE cable for HWIC
20413-XXX DTE cable for HWIC
|
|
|
|
When you are deploying console servers, you may
still want to have a way to wheel a terminal or a laptop up to a
machine to check configurations (basically, the practical (or paranoid)
among us want to have a safety net, in case the console services fail).
In this case, using modular adapters
actually simplifies our job!
By connecting all of your remote consoles to the
patch panels using Ethernet cables, all you need to do is connect an
adapter to your laptop, and set up a Terminal Emulator package to talk
to the serial port of the laptop.
If you want
to set up a "crash cart", I'd also suggest that you set the serial port
speed on all of your consoles to 9600 bps, 8-N-1 (since is the most
common setting). Having a common speed removes one more variable to
have to remember during a crisis.
If you have
any Sun workstations connected to your console
services, you should test to make sure that your terminal emulator
software doesn't send a serial BREAK when you start/stop it, since the BREAK
signal will likely send your Sun host to the OK prompt. (This has also been reported on
some SGI and NeXT hosts.)
The standard "terminal" adapter that Cisco
provides (APACN equiv. is CFDTE91),
when connected to your laptop, will give you an RJ-45, Cisco-schema
connection that is wired like a Cisco-wired patch panel port.
Use the APACN CFDCE91
adapter, connected to your laptop (and a terminal emulation program)
will give you an RJ-45, Cisco-schema connection that is wired like a
Cisco RJ-45 console port.
When you have successfully configured your
devices, you can then disconnect the Ethernet cable on the device that
you want to connect to, and use an Ethernet cable between the connector
on your PC and the other device. Your physical connection will be in
place, and you only need to ensure that your logical port settings on
the PC match those of the other device.
|
|
|
I've only had three reports of a Cisco NM-xxA interface
causing a Sun device to halt. In resolving two of the three cases, we
finally absolved the Cisco port, after the sites used a properly-wired
serial adapter. (The first site didn't involve me until they had
abandoned the Cisco solution, so they couldn't be sure, or show me the
parts they had used.) I'm still hopeful that I may one day get the
schematic of an adapter that causes such a scenario.
I am a strong proponent of buying pre-wired, pre-labeled
adapters and cables. Generally speaking, you probably can't build an
adapter cheaper, if you consider the value of your time as well as the
component costs. And, whether or not I can make 100 adapters without a
mistake isn't being questioned, I'm sure I'd rather not make 100 by
myself. The best advantages for buying pre-built adapters and pre-wired
cables include;
- Consistent wiring and labeling of the parts.
- Consistent shell colors and labels aides in
troubleshooting, by visually identifying the parts.
- Enhances reliability, knowing you can grab any
adapter and count on it being wired correctly.
- If you need a LOT of adapters or cables for a
build-out, you probably don't want to build them all yourself!
You can purchase any of the adapters and cables listed
on these pages individually (or in bulk) from APA Cables &
Networks (www.apacn.com).
You also have the option of buying a Cisco
Console Kit, which includes a complete set of adapters, and
some of the specialty cables
listed above, as well as a passive RS-232 Signal Tracer. The default
shell color is black for Cisco adapters. You can get the shells in
another color if you want, provided you want one of the colors listed
below:
Available colors: BK = black, GN
= green, RD = red, YL = yellow,
BL = blue, GY = grey
So, the APACN part number CFDTE91-GN
would denote the DB-9 female DTE adapter, wired for the Cisco RJ-45
format, but supplied with a green plastic shell (instead of the default
black shell).
APA Cables & Networks also sells adapters and
adapter kits for other RJ-45 schema, including the Annex/Bay/Nortel, IOLAN Rack+ and Xyplex terminal
server families. APA Cables & Networks uses different default
colors to make it easier to visually identify the different RJ-45
wiring schema.
The DB-25 adapters are wired according to the older
Cisco equivalents (from the CS-500 days). The DB-9 parts are derivative
works. The signaling for the Cisco RJ-45 consoles is shown at the beginning of this guide.
With all of this said, I also understand that sometimes
you just need to make that one cable or adapter, and buying just one
isn't practical. So, here are the schematics. (The APA Cables &
Networks part number is shown below each adapter. If there is a Cisco
equivalent, I've noted the Cisco part number as well.)
APACN p/n 24490-01
Cisco p/n 29-0809-01
|
APACN p/n 24490-02
Cisco p/n 29-0810-01
Logical p/n ADP-000006
|
APACN p/n 24490-03
Cisco p/n 29-0808-01
|
APACN p/n 24490-04
Cisco p/n 29-0811-01
Logical p/n ADP-000005
|
APACN p/n 24490-14
|
APACN p/n 24490-07
Cisco p/n 74-0495-01
Logical p/n ADP-000008
|
APACN p/n 24490-24
|
APACN p/n 24490-23
Logical p/n ADP-000007
|
APACN p/n 24490-60
|
APACN p/n 24490-59
Logical p/n ADP-000012
|
APACN p/n 24490-24
|
APACN p/n 24490-23
Logical p/n ADP-000011
|
|
|
APACN p/n 24490-05
Cisco p/n 29-0881-01
|
|
|
(The connection between pins 4 and 5 on these
adapters are very important, to tell some of the Cisco serial
interfaces that the port should be in RS-232 mode!)
|
|
As with adapters, I recommend buying pre-built,
pre-labeled, tested cables. APA Cables and Networks sells specialty
cables for connecting Cisco consoles and patch panel ports to other
console servers and devices, and these can be ordered from the
descriptions and part numbers shown below. The default length is 7
feet, but you can order custom lengths as needed. The cables come with
black boots on the RJ-45 end, and labels denoting the Cisco end. The
MMJ end does not get a boot, since they can't find anyone who makes a
colored MMJ boot.
APACN p/n 24490-71
|
APACN p/n 24490-74
|
APACN p/n 24490-72
|
APACN p/n 24490-69
|
APACN p/n 24490-48
|
APACN p/n 24490-75
|
APACN p/n 24490-52
|
APACN p/n 24490-47
|
There are other cables listed on the Cisco Adapter Kit Page.
|
|
U.S.
Robotics (USR, now 3-Com) digital modem chassis
have a different pinouts than Cisco on the console ports on their NICs
and NACs.
You can accommodate these devices by combining a Cisco 29-0810-01
(CFDTE) adapter with a USR
cable (part number 1.009.691-B) attached to the USR
console port, and an Ethernet cable to connect the CFDTE adapter to the Cisco port.
You can also make a single cable, with RJ-45 male
connectors on each end. Make sure that you label both ends of the
cable, since the wiring is not symmetrical (it makes a difference which
end plugs into the Cisco port!) APA Cables and Networks sells a couple
of cables for this (black boot on the Cisco end, orange boot on the USR
end);
APACN p/n 24490
|
APACN p/n 24490-16
|
|
There are more cables listed on the Cisco Host-to-Adapters Page.
|
|
Sun
Netra Hardware
Most Sun hardware has used a female DB-25 connector for
the TTY A and B ports. (Use a CMDCE
adapter to connect to a Cisco console port, or a CMDTE adapter to connect them to
a Cisco-wired patch panel.)
The Sun Netra T-1 (model 105) uses an RJ-45 console, and
it happens to be wired identically to the Cisco console port.
- To connect a Netra T-1 105 to a Cisco console port,
use a rolled cable.
- To connect a Netra T-1 105 to a Cisco patch panel,
use an Ethernet cable.
The DB-25 serial adapter that comes with the Sun Netra
T-1 (Sun p/n 530-2889-02) is wired similarly to the
APACN CMDCE adapter, with the addition of adding a 'frame ground'. The
plastic DB-25 shell has a metalized coating, and a drain ground lead is
attached from pin 1 of the DB-25(m) connector to a lead attached to the
metalized shell. The schematic on the Sun p/n 530-2889-03
is similar, except they changed the colors of the wires inside the
shell (and the tabs which hold the DB-25 connector are much
more fragile, so take my word on the wiring inside!)
The Sun Netra T-3 disk arrays use an RJ-13
connector for it's RS-232 console, and you only get data and ground for
your connection (no flow control or handshaking). APA Cables and
Networks sells a couple of cables for connecting these devices (black
boot on the Cisco end, no boot on the RJ-13 end);
|
APACN p/n 24490-62
|
APACN p/n 24490-63
|
|
There are more cables listed on the Cisco Host-to-Adapters Page.
|
|
Digital
Equipment Corp. (DEC, then Compaq, then H.P.) equipment often
used an RJ-13 with an offset locking tab, referred to as a Modified
Modular jack (MMJ). This included their VT-series
terminals, VAX equipment, and even newer Alpha series equipment.
APA Cables and Networks sells a couple of cables for
this (black boot on the Cisco end, and no boot on the DEC end);
|
APACN p/n 24490
|
APACN p/n 24490-17
|
|
There are other cables listed on the Cisco Host-to-Adapters Page.
|
|
Cisco provides one female DB-9 to RJ-45 adapter (Cisco
Part Number: 74-0495-01, labeled "terminal"), which
is most often used to connect PC serial (COM) port to the RJ-45 console
of a Cisco device, using the CAB-500 (Cisco, rolled) cable. This
adapter can also allow you to connect to other DB-9 or DB-25 console
ports on devices made by Cisco and other vendors. The APA Cables and Networks
equivalent part number is 24490-07
(also called "CFDTE91").
This adapter does not include wiring for the DCD signal on the DB-9
connector (pin 1), which many PC-platforms expect for their "console
redirection" functions.
There are three other compatible DB-9 to Cisco-schema
RJ-45 adapters available from APA
Cables and Networks
- female adapter, APACN part number: 24490-14 ("CFDCE91").
- male adapter, APACN part number: 24490-23 ("CMDTE91").
- male adapter, APACN part number: 24490-24 ("CMDCE91").
Rather than list all of the connection possibilities on
this page, I have created my Cisco
Host-to-Adapters Page, which lists which adapter (or cable)
you will need to connect any device on the list to a Cisco console or
aux port, or to a Cisco-schema patch panel port.
There are currently four additional DB-9 to Cisco-schema
RJ-45 adapters with DSR tied to DCD available from APACN;
- female adapter, APACN part number: 24490-59 ("CFDTE92").
- female adapter, APACN part number: 24490-60 ("CFDCE92").
- male adapter, APACN part number: 24490-67 ("CMDTE92").
- male adapter, APACN part number: 24490-66 ("CMDCE92").
Note: Some Cisco 1900-series switches use a DB-9 console
connection, instead of the RJ-45 connector. Some of these devices do
not like a connection between DB-9 pin 1 and pin 6, connecting DSR to
DCD on the DB-9, while other versions of the 1900 will require
this connection. (If the Cisco 1900 you have attached a DB-9 adapter to
is spewing AT modem commands out the port, you've got the wrong
adapter...add or remove the loop as needed.) The CFD*E91
does not have the DCD connection tied to DSR, while the CFD*E92
series does have the tie connecting DSR to DCD on the DB-9.
There was a previous APACN
part number: 24245-DTE-BK,
which was wired to tie DB-9 pins 1 and 6 together. However, the wire
was connected directly to pin 1, and then looped to pin 6. (If you
decided that you didn't need the DCD signal, and cut the loop, you
would still have DCD, but would have lost DSR...things may not behave
the way you might expect.)
APACN
sells any of these adapters (individual or bulk), as well as a complete adapter/cable set.
|
|
Cisco provides either one or two DB-25 to RJ-45 adapters
with new equipment;
- one female adapter (Cisco Part Number: 29-0810-01,
commonly labeled "Terminal" or "CAB-500DTF"), which is most often used
to connect to male DB-25 AUX ports on many Cisco devices.
(APACN part
number: 24490-02 ("CFDTE"), previous part number:
24245"-DTE-BK)
- one male adapter (Cisco Part Number: 29-0881-01,
commonly labeled "MODEM" or CAB-500DCM"),
(APACN part
number: 24490-05 ("CMMOD"),
previous part number: 24238-DTE-BK;
MOD-TAP part number 06-888-E76-20.)
There are three other DB-25 to RJ-45 adapters that Cisco
used to provide;
- female adapter (old Cisco Part Number: 29-0809-01),
connect to male DB-25 AUX ports on many Cisco devices.
(APACN part number
24490-01
("CFDCE").
- male adapter (old Cisco Part Number: 29-0811-01),
APACN
part number: 24490-04
("CMDTE").
- male adapter (old Cisco Part Number: 29-0808-01),
APACN
part number: 24490-03
("CMDCE");
MOD-TAP part number 06-888-E76-20.
Rather than list all of the possibilities here, I have
created an Cisco
Host-to-Adapters Page, which lists the various combinations
of male and female, DTE/DCE, DB-9 and DB-25, with a list of the various
devices which fall under each connector type. The list also tells you
which adapter (or cable) you will need to connect each device to either
a Cisco console port, or to a Patch Panel.
APA Cables
and Networks sells any of these adapters (individual or
bulk), as well as a complete
adapter/cable set.
|
|
NOTICE: Most of the pages,
articles, and tutorials on this website are
copyrighted works. You may make 'deep links' to various
pages. (If you let me know which page(s) you are linking to,
I'll let you know if I move the page(s) during updates.)
Please send me email if you wish to republish any material,
or use it on your own website.
|
Made using Nvu
Copyright 1996-2008,
David K. Z.
Harris, N6UOW
Questions? Comments? Additions? Email consoles at
conserver.com.
(Don't harvest my address, I don't want
SPAM!)
How does he do it? And
Why?
|
