Answer: Reload Router By Telnet

Configure a default route from R1 pointing to R2's ip address. The challenge is to reboot R1
from a telnet command from R3 without typing the command "reload". R3 should not telnet
directly to but instead it should telnet port 3000 to get to
port 3005. R1 should automatically ask to proceed to reboot and not ask for username/password
once the telnet from R3 is executed.

Solution is pretty simple. First we need to configure NATing on R2 to translate port 3000 to port 3005.

ip nat inside source static tcp 3005 3000 extendable
interface Serial1/3
ip nat outside
interface Serial1/1
ip nat inside

Lets also configure telnet password in R2 for testing.

line vty 0 4
password cisco

Now we have solved the first problem. There are 3 issues left on R1, how to make telnet not ask for a password, how to use port 3005 for telnet and how to make the reload automatic. Here's how the configuration should look like.

line vty 0 4
privilege level 15
no login
rotary 5
autocommand reload

Setting the vty to "privilege level 15" and configuring "no login" by passes user authentication. By default if there is no password set the device will refuse connections. "Rotary 5" command lets you use port 2005, 3005, 4005 and so on for telnet. The "autocommand" feature executes whatever command after the telnet.

Let's test first telneting to using default telnet port.

Trying ... Open

User Access Verification


We see it doesn't go to R1 but to R2 instead. Now to test using port 3000.

R3#telnet 3000
Trying, 3000 ... Open

System configuration has been modified. Save? [yes/no]:

Debug on R1
R1#debug ip packet
*Aug 26 15:47:43.299: IP: tableid=0, s= (Serial1/2), d= (Serial1/2), routed via RIB
*Aug 26 15:47:43.299: IP: s= (Serial1/2), d= (Serial1/2), len 44, rcvd 3
*Aug 26 15:47:43.307: IP: tableid=0, s= (local), d= (Serial1/2), routed via FIB
*Aug 26 15:47:43.307: IP: s= (local), d= (Serial1/2), len 44, sending

The debug clearly shows that the telnet came from R3. The telnet due to NAT redirected the traffic towards Some people call this NAT redirection. Obviously this is not a practical way to reload routers but this is just for fun and to demonstrate how can be used to redirect traffic. I haven't seen any enterprise using this way to reload and will not see in the future. LOLS!


1 Response to "Answer: Reload Router By Telnet"

Unknown said... January 23, 2011 at 2:31 AM

One of the best blog I have ever come across Thanks a ton Peter :-)

Post a Comment



The Dreamer

A fun loving person who enjoys learning new things. Currently working as a Network Engineer supporting the global network of a Fortune 500 company. This blog serves as my notes for the labs I created for my CCIE journey. I can guarantee there are errors in my posts. If you spot them, please let me know.

Join my Facebook Page I WANT TO BE A CCIE

Donate to the Cause

My aim is to create materials for free and possibly a free lab. If you wish to help out, please send any amount. Thanks.

Join my Bandwagon

Blogs that I Read