cisco ISR 4431. transport input ssh for tty line

Question

What does configuring "transport input ssh" for a tty line mean in a Cisco serial/console server?

Here is my config on ISR:

# show ver
:
:
cisco ISR4431/K9 (1RU) processor with 1796073K/6147K bytes of memory.
Processor board ID FGL23173211
1 Virtual Ethernet interface
8 Gigabit Ethernet interfaces
16 terminal lines
32768K bytes of non-volatile configuration memory.
4194304K bytes of physical memory.
6598655K bytes of flash memory at bootflash:.
0K bytes of WebUI ODM Files at webui:.

Configuration register is 0x2102

vrf definition Mgmt-intf
 !
 address-family ipv4
 exit-address-family
 !
 address-family ipv6
 exit-address-family

ip host testserver 2026 10.1.1.1

interface Loopback0
 ip address 10.1.1.1 255.255.255.0

interface GigabitEthernet0
 vrf forwarding Mgmt-intf
 ip address 172.24.136.57 255.255.255.128
 negotiation auto
!
interface Vlan1
 no ip address

ip forward-protocol nd
ip http server
ip http authentication local
ip http secure-server
ip http client source-interface GigabitEthernet0
ip route 172.25.228.4 255.255.255.255 172.24.136.1
ip route vrf Mgmt-intf 0.0.0.0 0.0.0.0 172.24.136.1
!
ip ssh time-out 60

menu isr title ^C
##########################################################################                                                                        #
# cisco isr for testing
##########################################################################
^C
menu isr prompt ^C
enter your menu choice
^C
menu isr text 2 console of testserver
menu isr command 2 telnet 10.1.1.1 2026
menu isr text q disconnect from terminal server
menu isr command q exit
menu isr text d disconnect line
menu isr command d disconnect
menu isr text c clear line 26
menu isr command c clear line 26
menu isr text e menu-exit
menu isr command e menu-exit
menu isr clear-screen
menu isr line-mode
!

line con 0
 transport input none
 stopbits 1
line aux 0
 stopbits 1
line 0/2/0 0/2/15
 transport input ssh
 transport output all
line vty 0
 exec-timeout 30 0
 login local
 autocommand  menu isr
 transport input ssh
 transport output telnet

With "transport input all", I can issue "connect testserver" and I'm able to access hardware through console port that is connected from line 26 of ISR to the console port on server. With "transport input ssh", "connect testserver" says "connection refused". Does it mean that ISR is trying to open a TCP connection to some port on my testserver?

Appreciate any help. Didn't find much documentation for this.

score 0 · Answer 1 · answered Jun 18 '21 at 16:43

https://www.youtube.com/watch?v=IcCQRrUXdiE
https://www.youtube.com/watch?v=TDZLoLKtUro
https://etherealmind.com/cisco-ios-reverse-ssh-terminal-server-console-access/

those 3 videos explain how to get "transport input ssh" to work. once configured, one can ssh into a specific port of console server which will get you to the console of server that is connected to serial concentrator.

cisco ISR 4431. transport input ssh for tty line

1 Answers1