|
|
This chapter describes how to configure support for asynchronous character stream calls running Telnet, rlogin, local-area transport (LAT), XRemote, or TN3270 and includes the following sections:
Inbound asynchronous character stream calls are routed to virtual terminal lines and virtual asynchronous interfaces, which are used to terminate incoming character steams that do not share a physical connection with the access server or router (such as a physical interface). A virtual asynchronous interface is the place where inbound Telnet, LAT, V.120, TN3270, and PAD calls or sessions terminate on the router. Virtual terminal lines are used for attaching to the router in a nonphysical way.
For a complete description of the commands in this chapter, refer to the "Dial-In Terminal Service Commands" chapter of the Dial Solutions Command Reference. To locate documentation of other commands that appear in this chapter, use the command reference master index or search online.
Configuring support for terminal service connections means to enable network devices running the same protocol (such as LAT or TCP) to connect across a LAN or WAN through network and terminal-emulation software such as Telnet, rlogin, TN3270, LAT, and NetWare Asynchronous Services Interface (NASI).
Terminal services permit asynchronous devices to be connected to a LAN or WAN through network and terminal-emulation software including Telnet, rlogin, NASI, Digital's LAT protocol, and IBM TN3270. (See Figure 55.)
Access services permit terminals to connect with remote hosts using virtual terminal protocols including Telnet, NASI, LAT, TN3270, rlogin, and X.25 packet assembler/disassembler (PAD). You can use a router that supports access services to function as a terminal server to provide terminal access to devices on the network.
A host can also connect directly to an access server. In IBM environments, TN3270 allows a standard ASCII terminal to emulate a 3278 terminal and access an IBM host across an IP network.
In Digital environments, LAT support provides a terminal with connections to VMS hosts. X.25 PAD allows terminals to connect directly to an X.25 host over an X.25 network through the router. X.25 PAD eliminates the need for a separate PAD device. This connection requires use of one of the synchronous serial interfaces on the router supporting access services.
Figure 55 shows some of the terminal connection services available on your router.
The following protocols are supported for dial-in terminal services:
This section describes how to configure access server and router lines to support Telnet and rlogin connections and includes the following sections:
Telnet and rlogin are protocols that enable TCP/IP connections to a host. Telnet, a virtual terminal protocol that is part of the TCP/IP protocol suite, is the more widely used protocol. The rlogin protocol is a remote login service developed for the BSD UNIX system. It provides better control and output suppression than Telnet, but can only be used when the host (typically, a UNIX system) supports rlogin. The Cisco IOS implementation of rlogin does not subscribe to the rlogin "trusted host" model. That is, a user cannot automatically log on to a UNIX system from the router, but must provide a user ID and a password for each connection.
Telnet allows a user at one site to establish a TCP connection to a login server at another site, then passes the keystrokes from one system to the other. Telnet can accept either an IP address or a domain name as the remote system address. In short, Telnet offers three main services:
The Cisco Systems implementation of Telnet supports the following Telnet options:
To configure support for Telnet or rlogin calls, perform the following tasks. Unless specified otherwise, all commands are entered in line configuration mode:
| Task | Command |
|---|---|
| Step 1 Negotiate speeds on reverse Telnet lines. | telnet speed default-speed maximum-speed |
| Step 2 Cause Telnet to refuse to negotiate full duplex, remote echo requests on incoming connections. | telnet refuse-negotiations |
| Step 3 Set line to send a RETURN (CR) as a CR followed by a NULL instead of a CR followed by a LINE FEED (LF). | telnet transparent |
| Step 4 Set line to send a Telnet Synchronize signal when it receives a Telnet Break signal. | telnet sync-on-break |
| Step 5 Set the line to cause the system to generate a hardware Break signal on the RS-232 line that is associated with a reverse Telnet connection, when a Telnet Interrupt-Process command is received on that connection. | telnet break-on-ip |
| Step 6 In global configuration mode, optimize the line by setting the number of characters output before the interrupt executes. | ip tcp chunk-size number |
| Step 7 In interface configuration mode, assign an IP address to the service provided on a TCP port. | ip alias ip-address tcp-port |
| Step 8 In global configuration mode, define a message that the router displays whenever a Telnet or rlogin connection to the specified host fails. | busy-message hostname d message d |
| Step 9 In global configuration mode, define a message that the router displays whenever a Telnet or rlogin connection to the specified host succeeds. | login-string hostname d message [%secp] [%secw] [%b] d |
| Step 10 Set up a line to notify a user who has multiple, concurrent Telnet connections when output is pending on a connection other than the current one. | notify |
| Step 11 Define a "line-in-use" message to indicate that the line is currently busy. | refuse-message d message d |
The telnet speed command sets the line speed to match line speeds on remote systems in reverse Telnet, host machines hooked to an access server or router to access the network, or a group of console lines hooked up to the access server or router when disparate line speeds are in use at the local and remote ends of the connection. Line speed negotiation adheres to the Remote Flow Control option, defined in RFC 1080.
When the telnet refuse-negotiations command is set, it suppresses negotiation of the Telnet Remote Echo and Suppress Go Ahead options.
The telnet transparent command is useful for coping with different interpretations of end-of-line handling in the Telnet protocol specification.
The telnet sync-on-break command sets the line to cause a reverse Telnet line to send a Telnet Synchronize signal when it receives a Telnet Break signal. The Telnet Synchronize signal clears the data path, but still interprets incoming commands.
Issue the telnet break-on-ip command to control the translation of Telnet Interrupt-Process commands into X.25 Break indications, and to work around the following situations:
When used with a correctly operating host, Cisco IOS software implements the Telnet Synchronize and Abort Output signals, which can stop output within one packet's worth of data from the time the user types the interrupt character. Issue the ip tcp chunk-size command to configure a faster response to user interrupt characters. Changing the number of characters output, or chunk size, affects neither the size of the packet used nor the TCP window size, either of which would cause serious efficiency problems for the remote host as well as for the access server or router. Instead, the Telnet status is checked after the number of characters specified, causing only a relatively minor performance loss.
Use the ip alias command to configure connections to an IP address to act identically to connections made to the server's primary IP address on the TCP port. A user trying to connect is connected to the first free line in a rotary group using the Telnet protocol.
With the login-string commands options, you can set a pause, prevent a user from issuing commands during a pause, send a Break character, and use a percent sign (%) in the login string. The busy-message command and login-string command are only useful with two-step protocol translation sessions. For more information about protocol translation, refer to the "Configuring Protocol Translation" chapter.
For actual sample configurations on how to configure Telnet and rlogin, see the section "Telnet and Rlogin Configuration Examples" later in this chapter.
Telnet and rlogin are protocols that enable TCP/IP connections to a host.
Telnet, a virtual terminal protocol that is part of the TCP/IP protocol suite, is the more widely used protocol.
The rlogin protocol is a remote login service developed for the BSD UNIX system. It provides better control and output suppression than Telnet, but can only be used when the host (typically, a UNIX system) supports rlogin. The Cisco IOS implementation of rlogin does not subscribe to the rlogin "trusted host" model. That is, a user cannot automatically log on to a UNIX system from the router, but must provide a user ID and a password for each connection.
To provide Telnet and rlogin connection capabilities, perform the following tasks in EXEC mode:
| Task | Command |
|---|---|
| Step 1 Log on to a host that supports Telnet. | connect host [port] [keyword]
or |
| Step 2 Display a list of available hosts. | show hosts |
| Step 3 Display the status of all TCP connections. | show tcp |
| Step 4 Log off the host by entering the default escape sequence.1 | Ctrl^ |
| Step 5 Log off the host by entering a special escape sequence.1 These special Telnet sequences map generic terminal control functions to operating system-specific functions. | Choose from the following list of escape sequences, according to your task:
|
|
Step 6 List the available Telnet commands at any time during the active Telnet session.1 | Ctrl-^ ? |
| Step 7 Log on to a host that supports rlogin. | rlogin host [debug] [/user username] |
| Step 8 Exit a Telnet or rlogin session. | exit
or logout |
With the Cisco IOS implementation of TCP/IP, you are not required to enter the connect or telnet commands to establish a Telnet connection. You can just enter the learned host name--as long as the host name is different from a command word for the router. Telnet must be the default (you can make it the default with the transport preferred command. Use the show hosts EXEC command to display a list of the available hosts. Use the show tcp EXEC command to display the status of all TCP connections. The Cisco IOS software assigns a logical name to each connection, and several commands use these names to identify connections. The logical name is the same as the host name, unless that name is already in use, or you change the connection name with the name-connection EXEC command. If the name is already in use, the Cisco IOS software assigns a null name to the connection. For an example of making a Telnet connection, see the "Telnet and Rlogin Configuration Examples" section later in this chapter.
After the rlogin command is issued, you can have several concurrent rlogin connections open and switch between them. To open a new connection, exit the current connection by entering the escape sequence (Ctrl-Shift-6 then x [Ctrl^x] by default) to return to the system command prompt, then open a new connection. For an example of making a rlogin connection or switching between connections, see the sections "rlogin Example" or "Switch between Telnet and rlogin Sessions Examples" later this chapter.
To display the status of a TCP connection or view a summary of the TCP connection end points in the system, perform the following tasks in user EXEC mode:
| Task | Command |
|---|---|
| Display the status of a TCP connection. | show tcp [line-number] |
| Display a summary of the TCP connection end points in the system. | show tcp brief [all] |
The following examples are provided:
router> connect host1 /route:kl.sri.com 10.1.0.11 host1
The following example connects to a host with logical name host1:
router> host1
router> rlogin 108.33.21.2 debug
You can switch between sessions by escaping one session and resuming a previously opened session. The following example shows how to escape out of a connection to the host host1 and to resume connection 2. You escape out of the current session and return to the EXEC prompt by entering the command sequence Ctrl-Shift-6 then x. Resume the connection with the resume [connection] [keyword] command.
host1%^^Xrouter>resume 2
You can omit the command name and simply enter the connection number to resume that connection. The following example illustrates how to resume connection 3:
router> 3
To list all the open sessions associated with the current terminal line, use the where command.
At any time during an active Telnet session, you can list the Telnet commands by pressing the escape sequence keys (by default Ctrl-Shift-6) followed by a question mark at the system prompt:
Ctrl-^ ?A sample of this list follows:
router> ^^?
[Special telnet escape help] ^^B sends telnet BREAK ^^C sends telnet IP ^^H sends telnet EC ^^O sends telnet AO ^^T sends telnet AYT ^^U sends telnet EL
The Digital Equipment Corporation (Digital) Local Area Transport (LAT) protocol is the one used most often to connect to Digital hosts. LAT is a Digital-proprietary protocol. We provide LAT technology licensed from Digital. This section describes how to configure the LAT transmission protocol.
The following sections are provided:
The LAT protocol allows a user to establish a LAT connection to a host at another site, then pass the keystrokes from one system to the other. A user can establish a LAT connection through a router to a LAT host simply by entering the host name. The Cisco IOS software supports the LAT 5.2 specification.
Unlike the Transmission Control Protocol/Internet Protocol (TCP/IP), LAT was designed to be used on LANs and it cannot be routed because it does not have a routing layer. However, a bridge or combined bridge and router, such as a Cisco router, can be used to carry LAT traffic across a WAN. Protocol translation can be used to carry LAT traffic over a WAN by first translating LAT to X.25 or Telnet, as shown in Figure 56.
The following sections describe Cisco's implementation of LAT in more detail:
The LAT protocol is asymmetrical; it has master and slave functionality. First, the LAT master starts a LAT circuit by sending a circuit start message, and then a LAT slave responds with its own circuit start message. From 1 to 255 LAT sessions can then be multiplexed on a circuit.
In a typical setup, where the user's terminal is connected to a router, the router acts as the master, and the target VMS host acts as the slave.
For example, the following command results in the device router1 acting as the master (or server) and the target VMS host, wheel, acting as the slave (or host).
router1> lat wheel
A router can also act as a slave. This happens if the user connects from one access server to another. For example, the following command results in router1 acting as the master (server) and router2 acting as the slave (host).
router1> lat router2
In a LAT host-initiated connection, the VMS system always acts as the LAT slave. For example, a print job originating from a VMS system initiates or triggers the router to which the printer is connected to act as the LAT master. In short, the master-slave relationship also applies to host-initiated sessions from a LAT slave.
Resources such as modems, computers, and application software are viewed in a LAT network as services that, potentially, any user in the network can use. A LAT node can offer one or more such LAT services, and more than one LAT node can offer the same LAT service.
A LAT node that offers one or more services, collectively called advertised services, broadcasts its services in the form of Ethernet multicast messages, called LAT service announcements. Conversely, a LAT node can listen for LAT service announcements on the network. These messages are cached in a dynamic table of known LAT services, collectively called learned services.
The Cisco IOS software supports both learned and advertised LAT services; therefore, it also supports incoming and outgoing LAT sessions. The services rating of its advertised nodes are determined dynamically but can also be set statically.
To establish outgoing connections to a LAT service, the Cisco IOS software searches for the service in the learned services cache. If one or more nodes is offering the same service, the node with the highest rating is chosen. For example, a LAT connection to a service offered by a VAX cluster connects to the node in that cluster with the smallest load and thus the highest service rating. This is how load balancing works in relation to a group of nodes offering the same service.
To establish an incoming connection, a LAT session connects from another LAT node to the service advertised by the local LAT node.
When both the router and the LAT host share a common group code, a connection can be established between the two. If the default group codes have not been changed on either side, a user on any router can connect to any learned service on the network.
However, if you define groups for access servers or routers and LAT hosts, you can partition these services into logical subnetworks. You can organize the groups so that users on one device view one set of services, and users on another device (or another line on the same device) view a different set. You might also design a plan that correlates group numbers with organizational groups, such as departments. The section "LAT Configuration Task List" in this chapter describes how to enter group code lists in your configuration file.
A LAT host node's services cannot be accessed individually; access is granted, per node, on an
all-or-none basis.
A LAT session is a two-way logical connection between a LAT service and the router. All this is transparent to the user at a console connected to a LAT session; to the user it appears that connection has been made directly to the desired device or application program. There is no inherent upper limit to the number of LAT sessions you can create from an asynchronous terminal to the router.
You can establish host-initiated connections by specifying a port number or by defining a service. These same services are used for connections from other access servers or routers.
The process of connecting to a VMS host is slightly different if you are connecting to a VMS host running VMS Version 5.4 or earlier than when connecting to a VMS host running VMS Version 5.5 or later software.
If a host-initiated connection is received that specifies a destination port number that corresponds to a virtual port on the router, a virtual EXEC process will be created for the user to log in with. This process can be used, in conjunction with the Digital set host/dte command on VMS, to connect to a router named router1 from a VMS host node, as shown in the following example:
$lcp :==$latcp $lcp create port lta300: $lcp set port lta300:/service=able /node=router1 $set host/dte lta300:
To connect to a VMS host running VMS Version 5.5 or later, you must turn on the VMS LAT hosts's outgoing connections and use the Digital set host/lat command, as shown in the following example:
$lcp :== $latcp $lcp set node/connection =outgoing $set host/lat able
When you configure a LAT printer, the LAT port name is the line number without the "TTY." For example, if you configure terminal line 10, named ABLE, to be a LAT printer port, you must use the OpenVMS command to associate an arbitrary LAT device to a LAT port name as follows:
$lcp :== $lcp $lcp create port lta300: $lcp set port/node=ABLE/port=10 lta300:
The LAT port name is the line number without the "TTY," regardless of whether the format of the TTY line number is decimal or octal.
The Cisco IOS software fully supports the LAT protocol suite, and provides the following features:
The Cisco IOS software LAT protocol is supplied with a default configuration and does not require additional configuration for you to use it. The software does provide commands for customizing the LAT software for your environment, if desired.
Perform the tasks in the following sections to enable LAT and customize LAT for your particular network environment:
To enable basic LAT services, perform the following tasks in global configuration mode:
| Task | Command |
|---|---|
| Step 1 In interface configuration mode, enable the LAT protocol. LAT is disabled by default. | lat enabled |
| Step 2 Give the router a LAT node name that is different than the host name. | lat node node-name |
| Step 3 (Optional) In line configuration mode, define the group list for an outgoing connection on a specified line. | lat out-group {groupname | number | range | all} |
| Step 4 (Optional) Specify logical names for group lists. | lat group-list groupname {number | range | all} [enabled | disabled] |
| Step 5 (Optional) Specify groups to be advertised. | lat service-group {groupname | number | range | all} [enabled | disabled] |
| Step 6 (Optional) In line configuration mode, enable remote LAT modification of line characteristics. | lat remote-modification
|
Use the lat out-group command to define the list of services to which a user can connect. Do this by defining the group code lists used for connections from specific lines. You can limit the connection choices for an individual line by defining the group code lists for an outgoing connection. When a user initiates a connection with a LAT host, the user's line must share a common group number with the remote LAT host before a connection can be made.
Use the lat group-list command to specify a name for group lists to simplify the task of entering individual group codes. A name makes it easier to refer to a long list of group code numbers. To display the defined groups, use the show lat groups command.
Use the lat service-group command to specify a group code mask to use when advertising all services for a node. You can enter more than one group code by listing the numbers. You can also enter both a group code name and group codes.
Use the lat remote-modification line configuration command to configure a LAT line so that a remote LAT node can change the operating characteristics of the line.
Just as LAT services are offered by host computers, they also can be offered by access servers and routers, as they implement both the host and server portions of the LAT protocol. This allows connections from either hosts or local access servers or routers. When a host connects to a local device, this is called a host-initiated connection.
The tasks described in this section define support for host-initiated connections. This support includes refining the list of services that the router will support. An incoming session can be to either a port or a service. The port name is the terminal line number, as reported by the EXEC command show users all. Perform any of the following optional tasks in global configuration mode:
| Task | Command |
|---|---|
| Set the LAT password for a service. | lat service service-name password password |
| Set the LAT service ID for a specific service. | lat service service-name ident identification |
| Specify a static service rating for a specific service. | lat service service-name rating static-rating |
| Configure a LAT rotary group. | lat service service-name rotary group |
| Associate a command with a specific service for auto-execution. | lat service service-name autocommand command |
| Enable inbound connections to a specific service. | lat service service-name enabled |
Use the show lat advertised EXEC command to display LAT services offered to other systems on the network.
A service must be specifically enabled, but not all of the attributes in the previous task table are necessary in a particular environment.
You can configure the Cisco IOS software to support the service responder feature that is part of the LAT Version 5.2 specification.
Specifically, the DECserver90L+, which has less memory than other DEC servers, does not maintain a cache of learned services. Instead, the DECserver90L+ solicits information about services as they are needed.
LAT Version 5.2 nodes can respond for themselves, but LAT Version 5.1 nodes, for example VMS Version 5.4 or earlier nodes, cannot. Instead, a LAT Version 5.2 node configured as a service responder can respond in proxy for those LAT Version 5.1 nodes.
The Cisco IOS software can be configured as a LAT service responder. Of course, if all your nodes are LAT Version 5.2 nodes, you do not need to enable the service responder features.
To control service announcements and service solicitations, perform the following tasks in global configuration mode:
| Task | Command |
|---|---|
| Step 1 Enable a proxy node to respond to solicit-information multicast messages. | lat service-responder |
| Step 2 Disable periodic broadcasts of service advertisements. | no lat service-announcements |
| Step 3 Adjust the time between service announcements. | lat service-timer interval |
Use the lat service-responder command to configure the Cisco IOS software to respond to solicit information requests addressed to LAT Version 5.1 nodes. This function allows nodes that do not cache service advertisements to interoperate with nodes that do not respond to solicit requests. Figure 57 shows how a router can act as a proxy for LAT servers.
The DECserver90L+ broadcasts a solicit information request in search of service "Stella's" address. The VMS host, Stella, is unable to respond to the request because it is running LAT Version 5.1. The access server is running LAT Version 5.2 with service responder enabled and informs the DECserver90L+ of Stella's address.
Use the no lat service-announcements command to disable periodic broadcasts of service announcements. If service announcements are enabled, the LAT node will periodically broadcast service advertisements. If service announcements are disabled, the LAT node will not send service announcements, so a remote node requiring connection to the local node has to use solicit-information messages to look up node information. Only disable service announcements if all of the nodes on the LAN support the service responder feature.
Use the lat service-timer command to adjust the time between LAT service advertisements for services offered. This is useful in large networks with many LAT services and limited bandwidth.
You can customize the environment for transmitting LAT messages. The Cisco IOS implementation of LAT allows you to set the following features:
These features affect all LAT connection types. Perform the following tasks in global configuration mode:
| Task | Command |
|---|---|
| Set the message retransmit limit. | lat retransmit-limit number |
| Set the keepalive timer. | lat ka-timer seconds |
| Set the virtual-circuit timer. | lat vc-timer milliseconds |
To optimize performance for your LAT environment, perform one or more of the following optional tasks beginning in global configuration mode:
| Task | Command |
|---|---|
| Set the maximum number of sessions on a LAT virtual circuit. The maximum, (and default) number of sessions is 255. | lat vc-sessions number |
| Allow a LAT host node to receive more than one message at a time. | lat host-buffers receive-buffers |
| Allow a LAT server node to receive more than one message at a time. | lat server-buffers receive-buffers |
| Specify the delay acknowledgment for incoming LAT slave connections, where number is milliseconds. | lat host-delay number |
Use the lat host-buffers command to set the number of messages received by a host at one time. Increasing this number can enhance performance. Before LAT Version 5.2, LAT allowed only one outstanding message at one time on a virtual circuit. This restriction could limit the performance of the Cisco IOS software processing a large number of messages because only one Ethernet packet of data could be in transit at a time. During virtual circuit startup, each side communicates to the other how many outstanding messages it is willing to accept.
Use the lat server-buffers command to set the number of messages received by a server at one time. Increasing this number can enhance performance. Before LAT Version 5.2, LAT allowed only one outstanding message on a virtual circuit at a time. This restriction limited the performance of Cisco IOS software when it processed a large number of messages, because only one Ethernet packet of data could be in transit at a time. With LAT Version 5.2, nodes can indicate that they are willing to receive more than one message at a time. During virtual circuit startup, each side communicates to the other how many outstanding messages it is willing to accept.
Use the lat host-delay command to set a user-defined delay for the acknowledgment for incoming LAT slave connections. This is useful in situations where you need to control the delay. For example, if data is being transferred between a Digital server (using LAT) and a UNIX host (using Telnet) via a protocol translator, the protocol translator imposes the LAT delay on the Telnet as well as the LAT service, where Telnet may timeout due to the LAT restriction.
Because LAT groups were not intended to implement security or access control, the Cisco IOS software supports access lists to provide these functions. An access list is a sequential collection of permit and deny conditions that serve to restrict access to or from LAT nodes on a specific terminal line. Each access list statement defines a permit or deny condition and a matching criterion for the node name.
When a LAT connection is attempted (either incoming or outgoing), the node name of the destination service (not the service name) is compared against the regular expression. If they match, the connection is permitted or denied as specified.
Perform the following tasks to define access lists and conditions:
You can configure a LAT line so that a remote LAT node can change the operating characteristics of the line. To enable remote LAT modification, perform the following task in line configuration mode:
| Task | Command |
|---|---|
| Enable remote LAT modification of line characteristics. | lat remote-modification |
The Digital Equipment Corporation (Digital) LAT protocol is most often used to connect routers to Digital hosts. LAT is a Digital-proprietary protocol, and the Cisco IOS software uses LAT technology licensed from Digital to allow the following LAT services:
For actual LAT connection examples, see the "LAT Connection Examples" section later in this chapter.
To enable specific LAT connections or services, perform one or more of the following tasks in EXEC mode:
| Task | Command |
|---|---|
| Connect to a LAT host.1 | lat name [node nodename | port portname | /debug] |
| (Optional) Define a temporary list of services to which you or another user can connect by defining the group code lists used for connections from specific lines. | terminal lat out-group {groupname | number | range} |
| (Optional) List available LAT services. | show lat services |
| (Optional) List the subset of Digital commands that the Cisco IOS software supports. | help |
| (Optional) Exit a LAT session by logging off the remote system. Then, terminate the active LAT session. | exit |
You can also set your preferred connection protocol to any available connection protocol supported in the Cisco IOS software. Your preferred connection protocol is also referred to in the Cisco IOS software as a "preferred transport type." If your preferred connection protocol is set to lat, you can use the connect command in place of the lat command. To configure a preferred connection protocol, use the transport preferred command. When your preferred connection protocol is set to none or to another protocol, you must use the lat command to connect to a LAT host.
To specify a temporary list of services to which you or another user can connect, you must define the group code lists used for connections from specific lines. You limit the connection choices for an individual line by defining the group code lists for an outgoing connection. To define a group code list, use the terminal lat out-group command. When a user initiates a connection with a LAT host, the user's line must share a common group number with the remote LAT host before a connection can be made. The group code range must be a subset of the line's configured group code range.
You can have several concurrent LAT sessions open and switch between them. To open a subsequent session, first enter the escape sequence (Ctrl-Shift-6 then x [Ctrl^x] by default) to suspend the current session. Then open a new session. To list the available LAT services, issue the show lat services EXEC command.
To monitor and maintain LAT connections, perform one or more of the following tasks in EXEC mode:
This section contains the following LAT examples:
The following example establishes the LAT service ABLE for your router. Subsequently, your router advertises ABLE (with default group code 0) on the LAN. Other LAT nodes can connect to you using LAT service ABLE, provided the group codes on the LAT nodes and the group codes for ABLE intersect. By default, most LAT nodes, such as OpenVMS Version 5.5 hosts, have user group code set to 0, so you have default access to ABLE.
! Create LAT service with password protection and ! identification string using the following global configuration commands lat service ABLE password secret lat service ABLE ident Welcome to my machine
The following example establishes the LAT service ABLE from your router with selected group codes 1, 4 through 7, and 167. This limits inbound access to those LAT nodes that have group codes that intersect with those for LAT service ABLE.
! Establish a LAT group list lat group-list HUBS 1 4-7 167 ! ! Enable LAT group list for the service-group lat service-group HUBS enabled ! ! Create LAT service with password protection and ! identification string lat service ABLE password secret lat service ABLE ident Welcome to my machine
The following example demonstrates how you can check which LAT services are on the same LAN as your router. Note that your router's own LAT service ABLE is also listed, with the "Interface" column listing the interface as "Local."
able> show lat services
Service Name Rating Interface Node (Address)
CAD 16 Ethernet0 WANDER
ABLE 16 Local
CERTIFY 33 Ethernet0 STELLA
The following example establishes a LAT session to remote LAT service HELLO using an interactive session:
able> lat HELLO
The following example illustrates how LAT services are logically partitioned by terminal line. At the example site, lines 1 through 7 go to the shop floor, lines 8 through 11 go to the Quality Assurance department, and lines 12 through 16 go to a common area.
! Define LAT groupnames
lat group-list DEFAULT 0
lat group-list FLOOR 3
lat group-list QA 4
line 1 7
lat out-group FLOOR enabled
lat out-group DEFAULT disabled
line 8 11
lat out-group QA enabled
lat out-group DEFAULT disabled
line 12 16
lat out-group DEFAULT QA FLOOR enabled
The following example illustrates how to configure a range of lines for rotary connections, then establishes the LAT service named Modems for rotary connection:
! Establish rotary groups line 3 7 rotary 1 ! ! Establish modem rotary service ! lat service Modems rotary 1 lat service Modems enabled
The following example illustrates incoming permit conditions for all IP hosts and LAT nodes with specific characters in their names and a deny condition for X.25 connections to a printer. Outgoing connections, however, are less restricted.
! Permit all IP hosts, LAT nodes beginning with "VMS" and no X.25 ! connections to the printer on line 5 ! access-list 1 permit 0.0.0.0 255.255.255.255 lat access-list 1 permit ^VMS.* x29 access-list 1 deny .* ! line 5 access-class 1 in ! ! Meanwhile, permit outgoing connections to various places on all the ! other lines. ! ! Permit IP access within cisco access-list 2 permit 172.30.0.0 0.0.255.255 ! ! Permit LAT access to the Stella/blue complexes. lat access-list 2 permit ^STELLA$ lat access-list 2 permit ^BLUE$ ! ! Permit X25 connections to infonet hosts only. x29 access-list 2 permit ^31370 ! line 0 99 access-class 2 out
The following example illustrates how to define access lists that permit all connections, thereby conforming to software behavior prior to Software Release 9.0. Keep in mind that the value supplied for the list argument in both variations of the access-class commands is used for all protocols supported by the Cisco IOS software. If you are already using an IP access list, it will be necessary to define LAT (and possibly X.25) access lists permitting connections to everything, to emulate the behavior of earlier software versions.
access-list 1 permit 172.30.0.0 0.0.255.255 access-list 1 permit 172.30.0.0 0.0.255.255 ! line 1 40 access-class 1 out ! define LAT access list that permits all connections lat access-list 1 permit .*
The following example defines a service that communicates with a specific line and defines a rotary with only that line specified. Establish rotary groups using line configuration commands and the rotary line configuration command.
hostname ciscots ! Service name for the access server as a whole lat service ciscopt enable ! Set up some lines with unique service names line 1 rotary 1 lat service ciscopt1 rotary 1 lat service ciscopt1 enable ! line 2 rotary 2 lat service ciscopt2 rotary 2 lat service ciscopt2 enable
The following example establishes a LAT connection from the router named router to host eng2:
router>lat eng2Trying ENG2...Open ENG2 - VAX/VMS V5.2 Username:JSmithPassword:Welcome to VAX/VMS version V5.2 on node ENG2 Last interactive login on Friday, 1-APR-1994 19:46
The system informs you of its progress by displaying the messages "Trying
The following example establishes a LAT connection from the router named router to our-modems and specifies port 24, which is a special modem:
router> lat our-modems port 24
The following example establishes a LAT connection from the router named router to our-modems and specifies a node named eng:
router> lat our-modems node eng
The following example uses the LAT session debugging capability:
router>lat Eng2 /debugTrying ENG2...Open ENG2 - VAX/VMS V5.2 Username:JSmithPassword:Welcome to VAX/VMS version V5.2 on node ENG2 Last interactive login on Tuesday, 5-APR-1994 19:02 [Set Flow out off, Flow in on, Format 8:none, Speed 9600/9600] [Set Flow out off, Flow in on, Format 8:none, Speed 9600/9600] $set ter/speed=2400[Set Flow out off, Flow in on, Format 8:none, Speed 2400/2400]
A variety of LAT events are reported, including all requests by the remote system to set local line parameters. The messages within brackets ([ ]) are the messages produced by the remote system setting the line characteristics as the operating system defaults.
The following example defines a group code list for the outgoing group 4 LAT connection:
router> terminal lat out-group 4, 6-189
IBM 3270 display terminals are among the computing community's most widely implemented and emulated terminals for host-based computing. Information in this section describes the TN3270 terminal emulation environment and how to use and create files that allow terminals connected to the access server or router to be used for TN3270 operation.
This section does not describe how to configure a TN3270 server. For information about configuring TN3270 server support in the Cisco IOS software, refer to the Bridging and IBM Networking Configuration Guide.
The following sections are provided:
TN3270 terminal emulation software allows any terminal to be used as an IBM 3270-type terminal. Users with non-3270 terminals can take advantage of the emulation capabilities to perform the functions of an IBM 3270-type terminal. The Cisco IOS software supports emulation of the following terminal types:
True IBM 3270-type terminals use a character format referred to as extended binary-coded decimal interchange code (EBCDIC). EBCDIC consists of 8-bit coded characters and was originally developed by IBM. Emulation is made possible by the termcap protocol. Termcap functions translate the keyboard and terminal characteristics for ASCII-type terminals into those required for an IBM host.
Formally, a termcap is a two-part terminal-handling mechanism. It consists of a database and a subroutine library. The database describes the capabilities of each supported terminal, and the subroutine library allows programs to query the database and to make use of the values it contains. For more information about defining termcaps, refer to the document termcap & terminfo, by Jim Strang, Tim O'Reilly, and Linda Mui.
The Cisco IOS software includes a default termcap entry for Digital VT100 terminal emulation. More samples are available directly from Cisco at http://www.cisco.com/warp/public/494/1.html. This URL is subject to change without notice.
TN3270 emulation capability allows users to access an IBM host without using a special IBM server or a UNIX host acting as a server (see Figure 58). The IBM host must directly support TCP/IP or have a front-end processor that supports TCP/IP.
A two-step translation method connects IBM hosts from LAT, TCP, and X.25/PAD environments. Refer to the chapter "Configuring Protocol Translation and Virtual Asynchronous Devices" later in this publication for more information about two-step translations. In general, TN3270 support allows outgoing TN3270 connections only. In other words, LAT, TCP, and X.25/PAD users must first establish a connection with the access server or router, then use the TN3270 facility from the Cisco IOS software to make a connection to the IBM host.
Figure 59 shows how the keymapping and TTYcap functionality in the Cisco IOS software helps IBM hosts and non-IBM terminals to communicate.
Keymaps and TTYcaps have the following functionality:
At system startup, the Cisco IOS software uses the following decision sequence when selecting a terminal emulation file, also called a TTYcap:
Figure 60 illustrates the decision process used by the Cisco IOS software to choose a TTYcap for a specific TN3270 session.
At system startup, the Cisco IOS software uses the following decision sequence when selecting a keyboard map file, also called a keymap:
The software uses the following criteria to determine the file to use:
Figure 61 illustrates the decision process used by the Cisco IOS software to choose a keymap for a specific TN3270 session. When one of the first four priority checks fails (that is, the name specified does not match any name in the configuration file), the same rules listed for the terminal emulation file apply.
By default, an ASCII terminal and keyboard connected to the Cisco device emulate a Digital VT100 terminal type.
To connect to an IBM host, enter the tn3270 command from EXEC mode. This command will make the connection using the terminal emulation file selected using the startup sequence priorities outlined in the section "Startup Sequence Priorities" earlier in this section.
Refer to the "Configure TN3270" section later in this document for more information about making connections.
If the default file does not work for your terminal and keyboard type or the host that you connect to, you might be able to find a file that will work from the growing list of sample terminal emulation files created by Cisco engineers and customers. You can obtain the TN3270 examples from Cisco Systems Cisco Connection Online (CCO). Numerous emulation files are listed in here, which allow various terminal types to emulate an IBM 3270-type terminal.
Step 1 Obtain a sample configuration file from the following URL. The TN3270 Keymap Examples document appears. Note that this URL is subject to change without notice.
Step 2 Use a text editor or word processing application to copy the sample terminal emulation file into the configuration file.
Step 3 Load the configuration file onto the host or network. (Refer to the chapter "Loading System Images and Configuration Files" earlier in the Configuration Fundamentals Configuration Guide for information on loading configuration files.)
These steps add new terminal emulation capability to the configuration file. Each time the system is started up, or booted, the settings in the file will be used as the default for terminal emulation.
To connect to an IBM host and configure TN3270, perform the following tasks. Unless specified otherwise, all configuration is performed in global configuration mode.
| Task | Command |
|---|---|
| Step 1 Create a custom terminal emulation file, or TTYcap. | ttycap ttycap-name termcap-entry |
| Step 2 Create a custom keyboard emulation file, or keymap. | keymap keymap-name keymap-entry |
| Step 3 In line configuration mode, specify the type of terminal connected to the line. | terminal-type terminal-name |
| Step 4 In line configuration mode, specify the keyboard map for a terminal connected to the line. | keymap-type keymap-name |
| Step 5 (Optional) In EXEC mode, display a list of the available TTYcap files. | show ttycap [ttycap-name | all] |
| Step 6 (Optional) In EXEC mode, display a list of the available keymap files. | show keymap [keymap-name | all] |
| Step 7 (Optional) Enable TN3270 extended features. | tn3270 datastream [extended | normal] |
| Step 8 (Optional) Enable null processing. | tn3270 null-processing [3270 | 7171] |
| Step 9 (Optional) Specify a resent whenever a 3278-x terminal keyboard locks up. | tn3270 reset-required |
To use a custom emulation file, you must load the emulation settings into the system configuration file. This establishes the settings in the file as the terminal and keyboard defaults and provides several ways in which the emulation settings can be used within the system, as follows:
If you intend to use an alternate TTYcap and keymap, you must assign the following two characteristics:
The terminal and keymap type information is used by the Cisco IOS software when negotiating connections with hosts. Use the terminal-type and keymap-type line configuration commands to assign TTYcap and keymap line characters. You must assign the terminal and keyboard type to the line if you intend to use alternate TTYcap and keymap files.
Use the tn3270 datastream command to cause an "-E" to be appended to the terminal type string sent to the IBM host. This allows you to use the extended TN3270 features.
If a user enters data, uses an arrow key to move the cursor to the right on the screen, and then enters more data, the intervening spaces are filled in with NULLs. To specify how NULLs are handled: enter the command tn3270 null-processing either with the argument 3270, where NULLs are compressed out of the string (as on a real 3278-x terminal), or use the argument 7171, where NULLs are converted to spaces as on a 7171 controller.
On a 3278-x terminal, the keyboard is locked and further input is not permitted after an input error (due to field overflow, invalid entry, and so on), until the user presses the RESET key. Most TN3270 implementations leave the keyboard unlocked and remove any error message on the next key input after the error. Use the tn3270 reset-required command to enable a reset in these situations.
To control the mapping of extended binary coded decimal interchange code (EBCDIC) and ASCII characters, perform one or more of the following optional tasks:
| Task | Command |
|---|---|
| In global configuration mode, create character mappings by configuring a two-way binding between EBCDIC and ASCII characters. | tn3270 character-map ebcdic-in-hex ascii-in-hex |
| In global configuration mode, reset character mappings to their default settings. | no tn3270 character-map {all | ebcdic-in-hex} [ascii-in-hex] |
| In EXEC mode, display character mappings. | show tn3270 character-map {all | ebcdic-in-hex} |
| In EXEC mode, display the hexadecimal value of an ASCII character.1 | show tn3270 ascii-hexval |
| In line configuration mode, temporarily configure the Cisco IOS software to use the 8-bit mask. | tn3270 8bit display |
| In line configuration mode, temporarily configure the Cisco IOS software to use the 8-bit mask if you use a file-transfer protocol such as Kermit in 8-bit mode. | tn3270 8bit transparent-mode |
When you use a file-transfer protocol such as Kermit in 8-bit mode or you use 8-bit graphics, which rely on transparent mode, use the tn3270 8bit transparent-mode line configuration command to configure the software for the 8-bit mask.
You use TN3270 terminal emulation to connect to an IBM 3278-type host. Your system administrator must configure a default terminal emulation file that permits the terminal to communicate with the host. How to specify alternate terminal emulations is described in the earlier section "Configure TN3270."
Unlike Telnet and LAT connections, you must enter the tn3270 command to make a connection to an IBM 3278 host. To begin a TN3270 session, perform the following task in EXEC mode:
| Task | Command |
|---|---|
| Begin a TN3270 connection. | tn3270 host |
To terminate an active TN3270 session, enter the escape sequence (Ctrl-Shift-6 then x [Ctrl^x] by default) and enter the disconnect command at the EXEC prompt. You can also log off the remote system by issuing the command specific to that system (such as exit, logout, quit, close, or disconnect).
For an example of setting TN3270 connections, refer to the next section "TN3270 Configuration Examples."
This section provides the following examples to help you define custom terminal and keyboard emulation files, and to configure your system to use those files:
ttycap ttycap1 \
v8 | vi | tvi925 | 925 | televideo model 925:\
:so=\EG4:se=\EG0:\
:hs:am:bs:co#80:li#24:cm=\E=%+ %+ :cl=\E*:cd=\Ey:ce=\Et:\
:al=\EE:dl=\ER:im=:ei=:ic=\EQ:dc=\EW:\
:ho=^^:nd=^L:bt=\EI:pt:so=\EG4:se=\EG0:sg#1:us=\EG8:ue=\EG0:ug#1:\
:up=^K:do=^V:kb=^H:ku=^K:kd=^V:kl=^H:kr=^L:kh=^^:ma=^V^J^L :\
:k1=^A@\r:k2=^AA\r:k3=^AB\r:k4=^AC\r:k5=^AD\r:k6=^AE\r:k7=^AF\r:\
:k8=^AG\r:k9=^AH\r:k0=^AI\r:ko=ic,dc,al,dl,cl,ce,cd,bt:\
:md=\E(:me=\E):ti=\E):te=\E(:\
:ts=\Ef:fs=\Eg:ds=\Eh:sr=\Ej:xn:\
:is=\El\E"^M\E3^M \E1 \E1 \E1 \E1 \E\
1 \E1 \E1 \E1 \E1^M
keymap ibm7171 \
vt100av | vt100 | vt100nam | pt100 | vt102 | vt125{ \
enter = '^m';\
erase = '^?'; reset = '^g'; clear = '^z' | '\EOM';\
nl = '^j'; tab = '^i'; btab = '^b';\
left = '\EOD'; right = '\EOC'; up = '\EOA'; down = '\EOB';\
home = '^h'; delete = '^d'; eeof = '^e' | '\E^?'; einp = '^w'; insrt = '\EOn';\
pfk1 = '\EOP' | '\E1'; pfk2 = '\EOQ' | '\E2'; pfk3 = '\EOR' | '\E3';\
pfk4 = '\EOw' | '\E4'; pfk5 = '\EOx' | '\E5'; pfk6 = '\EOy' | '\E6';\
pfk7 = '\EOt' | '\E7'; pfk8 = '\EOu' | '\E8'; pfk9 = '\EOv' | '\E9';\
pfk10 = '\EOq' | '\E0'; pfk11 = '\EOr' | '\E-';\
pfk12 = '\EOs' | '\E='; pfk13 = '\EOp\EOP' | '^f13';\
pfk14 = '\EOp\EOQ' | '^f14'; pfk15 = '\EOp\EOR' | '^f15';\
pfk16 = '\EOp\EOw' | '^f16'; pfk17 = '\EOp\EOx' | '^f17';\
pfk18 = '\EOp\EOy' | '^f18'; pfk19 = '\EOp\EOt' | '^f19';\
pfk20 = '\EOp\EOu' | '^f20'; pfk21 = '\EOp\EOv' | '^f21';\
pfk22 = '\EOp\EOq' | '^f22'; pfk23 = '\EOp\EOr' | '^f23';\
pfk24 = '\EOp\EOs' | '^f24';\
pa1 = '^p1' | '\EOS';\
pa2 = '^p2' | '\EOm';\
pa3 = '^p3' | '\EOl';\
}
line 3 terminal-type ttycap1 keymap-type ibm7171
The following example shows the configuration of the EBCDIC and ASCII character mappings listed in Table 16:
tn3270 character-map 0x81 0x78 tn3270 character-map 0x82 0x79 tn3270 character-map 0x83 0x7A
| EBCDIC | ASCII |
|---|---|
| a | x |
| b | y |
| c | z |
The following example displays all nonstandard character mappings:
router# show tn3270 character-map all
EBCDIC 0x81 <=> 0x78 ASCII
EBCDIC 0x82 <=> 0x79 ASCII
EBCDIC 0x83 <=> 0x7A ASCII
The following example shows the standard key mapping for the letter d and c:
router# show tn3270 character-map 83
EBCDIC 0x83 <=> 0x63 ASCII = `c'
EBCDIC 0x84 <=> 0x64 ASCII = `d'
The following example unmaps a specific key, first with optional ascii-in-hex argument, then without the argument:
router#configure terminalEnter configuration commands, one per line. End with CNTL/Z. router(config)#no tn3270 character-map 0x80 0x78router(config)#^Zrouter#show tn3270 character-map allEBCDIC 0x82 <=> 0x79 ASCII EBCDIC 0x83 <=> 0x7A ASCII router#config termEnter configuration commands, one per line. End with CNTL/Z. router(config)#no tn3270 character-map 0x82router(config)#^Zrouter#show t3270 character-map allEBCDIC 0x82 <=> 0x79 ASCII
The following example displays character mappings, then removes all mappings with the all keyword:
router#show tn3270 character-map allEBCDIC 0x81 <=> 0x78 ASCII EBCDIC 0x82 <=> 0x79 ASCII EBCDIC 0x83 <=> 0x7A ASCII router#configure terminalEnter configuration commands, one per line. End with CNTL/Z. router(config)#no tn3270 character-map allrouter(config)#^Zrouter#show tn3270 character-map all
The following example establishes a terminal session with an IBM host named finance:
router> tn3270 finance
To terminate an active TN3270 session, log out of the remote system by issuing the command specific to that system (such as exit, logout, quit, or close). You can also enter the escape sequence (Ctrl-Shift-6 then x [Ctrl^x] by default) and enter the disconnect command at the EXEC prompt. Because the disconnect command can "hang" a port, we recommend that you avoid using it routinely when you exit a session.
The following sections describes the X Windows system and how to configure the Cisco IOS software to support XRemote connections.
Previous window systems for terminals were kernel-based and therefore were closely linked to the operating system running on the workstation itself. They typically only ran on discrete systems, such as a single workstation. The X Window System is not part of any operating system, but instead, is composed of application programs. Thus, the X Window System enables flexible, graphics-based network computing across a wide range of operating systems and hardware platforms.
The underlying architecture of the X Window System is based on a client/server model. The system is split into two parts: clients and display servers. Clients are application programs that perform specific tasks, and display servers provide specific display capabilities and track user input. These two parts can reside on the same computer or can be separated over a network. In an X terminal environment, such as in NCD terminal implementations, the display server resides on the display station and the client resides on a host computer.
Because the X Windows System employs this client/server partitioning and is independent of both the hardware and operating environment, X terminal users can access different types of computers to simultaneously access several applications and resources in a multivendor environment. A user at an X terminal can run and display a calendar program on a VAX, a spreadsheet program on a PC, and a compiler on a workstation concurrently.
There are two basic parts to XRemote:
These two helper processes communicate with each other using the XRemote protocol. The client-side helper communicates with X clients using the standard X protocol. The server-side helper communicates with the server using the standard X Window System. The server-side helper might operate as part of the X server or it might be external and accessed across the network; for example, the server-side helper can operate in an access server or router at your house or work site. If the server-side helper is in the X terminal, it must have XRemote PROMs installed.
XRemote enables a user of a display station to run the X Window System via 9600-baud (and faster) modem connections with performance that is superior to using conventional serial protocols, such as Serial Line Internet Protocol (SLIP). An X display station must either implement XRemote or be connected to a network configuration that includes an access server or router.
The Cisco implementation of XRemote is fully compatible with the NCD XRemote protocol. Figure 62 illustrates an XRemote connection between an X terminal and an access server. In Figure 62, the server-side helper runs on the X terminal, and the client-side helper runs on the access server.
Remote access to fonts is provided in three ways:
A single XRemote user can use any combination of TCP/IP and LAT client connections and any combination of TFTP and LAT font access.
To allow host connections using the NCD's XRemote feature and the access server or router, perform the following tasks. Unless specified otherwise, all commands in this task table are issued from global configuration mode.
| Task1 | Command |
|---|---|
| Step 1 Verify that a modem is externally or internally connected with your access server or router. | |
| Step 2 Define a specific TFTP font server as the source for fonts. | xremote tftp host hostname |
| Step 3 Set the buffer size used for loading font files. | xremote tftp buffersize buffersize |
| Step 4 Increase the number of times that the font loader tries to load the fonts.1 | xremote tftp retries retries |
| Step 5 (Optional) In EXEC mode, display current XRemote connections and monitor traffic. | show xremote |
| Step 6 (Optional) In EXEC mode, display XRemote traffic and line statistics. | show xremote line number |
In general, you can use any modem that provides acceptable performance for your application. The following guidelines apply to an XRemote operation using a modem (refer to the user manual for your modem for specific connection procedures):
Refer to the chapter "Configuring Modem Support and Asynchronous Devices" earlier in this publication for more information about configuring modems.
Perform the following two tasks to select fonts:
When an X terminal application requests a font that is not stored in the terminal's ROM, the X terminal makes a request for a font file from the access server or router. The Cisco IOS software uses the Trivial File Transfer Protocol (TFTP) to load the font from the font server, and then passes the font to the X terminal using the XRemote protocol. The process of loading fonts from the access server or router to the X terminal can take 30 to 45 seconds, depending on the size of the font file.
An X server can display only the fonts it finds in the directories in its font path. The X server's default font path includes only the built-in fonts. To access fonts stored on a host, you must add the host's font directories to the X server's font path. To do this, use the UNIX command xset with the fp+ argument to add fonts to the end of the server's font path.
For example, to allow your display station to access the 100 dots per inch (dpi) fonts found in the standard font directory, run the following command at the host system prompt:
host_prompt% xset fp+ /usr/lib/x11/ncd/fonts/100dpi
For more information, refer to the NCDware XRemote User's Manual.
Downloading of fonts occurs automatically when you initiate a remote DECwindows login session using the EXEC xremote lat command. Instead of relying on TFTP to download the fonts, the fonts are read in via the LAT protocol.
If you want to use DECwindows fonts while running standard X applications on a UNIX host, you need to use the UNIX xset command or an application that issues an XSetFontPath request to set a font path. You might want to do this if you are primarily a TCP/IP user, but also run some DECwindows applications.
Execute xset, or the application to issue an XSetFontPath request, to set the following path:
In this path, SERVICE is a LAT service name with DECwindows support; case is not significant.
When the Cisco IOS software sees a request for font files in that directory, it uses LAT instead of TFTP to access the specified service.
You use the XRemote protocol with an X display station and a modem to connect to remote hosts via TCP/IP and LAT. This section outlines the steps for starting XRemote in several typical environments and for exiting XRemote sessions. It contains the following sections:
When possible, use the automated processes. Make sure that your system administrator has already configured a path for loading fonts.
You can run the XRemote protocols between two servers. This is useful if you use an X display server that does not support XRemote, or if an X display station is connected to a LAN and you want to use the LAN rather than a dial-in link to connect to a server. (Note that XRemote is faster when the X display station connects to a server over a dial-in link.) See the section "Establish XRemote Sessions between Servers."
For an example of making an XRemote connection, see the "XRemote Connection Examples" section.
If your host computer supports a server for XDMCP (such as the xdm program included in X11R4 or later), you can use automatic session startup to make an XRemote session connection. To do so, perform the following task in EXEC mode:
| Task | Command |
|---|---|
| Create a connection with XRemote and an XDMCP server. | xremote xdm [hostname] |
This command sends an XDMCP session startup request to the host computer. If you do not specify a host name, a broadcast message is sent to all hosts. The first host to respond by starting up a session is used.
The server and X terminal stay in XRemote mode until either the display manager terminates the session, or a reset request is received from the X terminal.
If your host computer supports DECwindows login sessions, you can use automatic session startup to make an XRemote session connection. If the system administrator at the remote host configures support for DECwindows over LAT, perform the following task in EXEC mode to initiate the connection:
| Task | Command |
|---|---|
| Create a connection with XRemote and DECwindows over LAT. | xremote lat service |
After you issue this command, expect the following to occur:
Log on to the system. Upon completion of login, more fonts are loaded, and the remote session begins.
If you do not use a host computer that supports XDMCP or LAT, you must use manual session startup. To use manual session startup, perform the following tasks in EXEC mode:
The following sections describe these tasks.
To prepare the XRemote server for manual startup, perform the following task in EXEC mode:
| Task | Command |
|---|---|
| Prepare the XRemote server for manual startup. | xremote |
After you issue this command, instructions prompt you through the process of manually enabling XRemote.
To connect to a host, perform one of the following tasks in EXEC mode:
| Task | Command |
|---|---|
| Prepare the server for XRemote manual startup. | telnet or lat or rlogin |
After entering the command, you can log on as usual.
At this point, you are logged in to the remote host computer.
Inform the host computer of your X display location that the server provided when you enabled XRemote manually.
For most versions of the UNIX operating system, the X display location is set by using the setenv command to set the Display environment variable. Refer to your UNIX system's online X(1) manual page for more information.
On VAX/VMS systems, use the SET DISPLAY command to set the X display location. For more information, refer to the VMS DCL Dictionary.
Now you can start your client applications for your host operating system, as specified in the documentation for the client applications.
The server accepts the X connection attempt from the client application and places the client in a dormant state.
If it is possible to log off the host computer and keep your X clients running in the background, you can do so now. This conserves resources on both the host and the server that would otherwise be inaccessible until you exited from the XRemote state.
If you cannot log off the host computer and keep your clients running, escape back to the access server's EXEC prompt using the escape sequence (Ctrl-Shift-6 then x [Ctrl^x] by default).
To begin a manual remote session again, refer to the "Enable XRemote Manually" section earlier in this chapter. If the X clients connected successfully, the session is put into XRemote mode, and the clients complete their startup.
If no clients are found, you see the following message:
No X clients waiting - check that your display is darkstar:2018
Check your hosts to determine whether an error has occurred when the session started. The most likely causes are that there is an improperly specified display location, or the host computer did not recognize the name of your server.
If you are on an X display server that does not support XRemote, you can still run the XRemote protocols. An X display server (such as a PCX, MacX, or UNIX workstation) connected to an Ethernet network can dial out through an access server on a conventional modem to access an X client program on a host residing on another network. The access server provides the server-side helper process.
To run XRemote, connect to one of the XRemote ports.
Find out from your administrator whether the connection from your X display server is configured as an individual line or a rotary connection.
For information about how to configure individual lines and rotary connections, refer to the "Configuring Modem Support and Asynchronous Devices" chapter.
Figure 63 illustrates a configuration in which a display server is not running XRemote. In this configuration, the server-side XRemote helper is running on Access Server 1, and the client-side XRemote helper is running on Access Server 2.
When you exit XRemote, you must quit all active X connections, usually with a command supported by your X client system. Usually, when you quit the last connection (all client processes are stopped), XRemote closes and you return to the EXEC prompt. Check your X client system documentation for specific information about exiting an XRemote session.
The following example illustrates how to specify IBM-1 as the host name of the TFTP font server, specify 7 retry attempts at accessing the server, and reduce the buffer size to 20,000 bytes.
xremote tftp host IBM-1 xremote tftp retries 7 xremote tftp buffersize 20000
Use the examples in this section to understand how to make the following XRemote connections:
The following example starts a session with a remote host named star:
router>xremote xdm star
The following example begins connection with a LAT service named WHIRL:
router> xremote lat WHIRL
The following example illustrates how a successful manual XRemote session begins:
dialup> xremote
XRemote enabled; your display is dialup:2006
Start your clients and type XRemote again
The system replies with a message informing you of your X display location. Use this information to tell the host the location of your X display server.
If no clients are found, you see the following message:
No X clients waiting - check that your display is darkstar:2006
Check your hosts to determine whether an error has occurred when the session started. The most likely causes are that there is an improperly specified display location or the host computer did not recognize the name of your server.
The following example shows how to make a connection from an X display terminal through a server to a host running client programs:
Step 1 Enter the xremote command at the EXEC prompt.
dialup> xremote
Step 2 Read and follow the instruction from the host.
XRemote enabled; your display is dialup:2006 Start your clients and type XRemote again
Step 3 Connect to the client.
dialup> telnet eureka
Trying EUREKA.NOWHERE.COM (252.122.1.55)... Open
SunOS UNIX (eureka)
Step 4 Log on at the prompt.
login: deal
Password:
Last login: Fri Apr 1 17:17:46 from dialup.nowhere.com
SunOS Release (SERVER+FDDI+DBE.patched) #14: Fri Apr 8 10:37:29 PDT 1994
Step 5 At the client prompt, enter the display name from Step 2 in this procedure and the xterm command.
eureka%setenv DISPLAY dialup:2006eureka%xterm &[1] 15439
Step 6 Disconnect from the client.
eureka% logout
[Connection to EUREKA closed by foreign host]
Step 7 Begin the XRemote session.
dialup> xremote
Entering XRemote
The server and X terminal stay in XRemote mode until either the display manager terminates the session, or a reset request is received from the X terminal.
Connection closed by foreign host. eureka%
This section provides two examples of XRemote connections between servers.
The following example shows how an XRemote connection is established for a configuration such as the one shown in Figure 63 in the "Establish XRemote Sessions between Servers" section earlier in this chapter. This example assumes that the administrator has set the display environment variable to identify and match the user's X display terminal.
Step 1 From the PCX, MacX, or UNIX machine in Figure 63, the user connects to port 9003 on Access Server 1. If your administrator has configured a rotary number 7, the user connects to port 10007. For more information about rotary groups, refer to the chapter "Configuring Modem Support and Asynchronous Devices" in this publication.
Access Server 1 connects the user to a modem.
The modem calls Access Server 2.
Step 2 Enter the xremote command at the Access Server 2 prompt.
Step 3 Connect to the remote host from Access Server 2 using the telnet command.
Step 4 Start the X client program that runs on the remote host and displays on the X display server (PCX, MacX, or UNIX host).
Step 5 Escape from the remote host back to the Access Server 2, or log out if clients were run in the background, and enter the xremote command again at the Access Server 2 prompt.
The following example shows the steps to make an XRemote connection between servers. The number 9016 in the first line of the display indicates a connection to individual line 16. If the administrator had configured a rotary connection, the user would enter 10000 plus the number of the rotary (instead of 9016).
Step 1 Enter the telnet command to make the connection.
space% telnet golden-road 9016
Trying 192.31.7.84 ...
Connected to golden-road.cisco.com.
Escape character is '^]'.
Step 2 Supply the password for TACACS verification.
User Access Verification
Password:
Step 3 Dial in to the remote system using the modem, and then log in.
atdt 13125554141DIALING RING CONNECT 14400 User Access Verification Username:dealPassword: Welcome to the cisco dial-up access server.
Step 4 Enter the xremote command at the EXEC prompt, then follow the instructions from the host.
dialup> xremote
XRemote enabled; your display is dialup:2006
Start your clients and type XRemote again
Step 5 Connect to the client.
dialup>telnet sparksTrying SPARKS.NOWHERE.COM (252.122.1.55)... Open SunOS UNIX (sparks) login:dealPassword:Last login: Fri Apr 1 17:17:46 from dialup.nowhere.com SunOS Release (SERVER+FDDI+DBE.patched) #14: Fri Apr 8 10:37:29 PDT 1994
Step 6 At the client prompt, enter the display name from step 4 and the xterm command.
sparks%setenv DISPLAY dialup:2006sparks%xterm &[1] 15439
Step 7 Disconnect from the client.
sparks% logout
[Connection to SPARKS closed by foreign host]
Step 8 Begin the XRemote session.
dialup> xremote
Entering XRemote
When the connection is closed by the foreign host, the Xterm window appears on the local workstation screen.
Connection closed by foreign host. sparks%
|
|