Cisco ASA – Console Session via OS X Terminal Application

Impromptu repairs to a Cisco ASA after a strategy meeting today.

Allegedly, my customer and the ASA had had an argument at the office watercooler. Something about whether the Three Laws would factor in a fight between RoboCop and the good Terminator. Rash words were exchanged. And as a result, the ASA was now in a sulk and refusing to take orders from humans.

So. No way to manage it remotely via SSH, ASDM or Telnet. Console it is, then.

Tools on hand were: customer’s MacBook (primarily used for important structural analysis research i.e. Angry Birds), a console cable (mint in slightly-dusty Cisco packaging on top of the server cabinet) and a USB-to-Serial adapter (from toolkit in my scooter). However, there was no terminal emulation program, such as SecureCRT, installed on the MacBook. Just angry, angry little birds.

I plugged one end of the console cable into the console port of the ASA, and the other end into the USB-to-Serial adapter. I plugged the adapter into a spare USB port on the MacBook, closed Angry Birds, opened Terminal and ran a

ls -l /dev/tty.*

to see if the adapter was listed. It wasn’t. So I needed drivers for the adapter.

A quick look in the System Profiler under USB will tell you who the adapter manufacturer is. Mine is made by FTDI and I got the drivers here.

After installing the drivers, the MacBook detected the USB-to-Serial adapter. That’s it, right at the bottom.

MacBook:~ birdman$ ls -l /dev/tty.*
crw-rw-rw-  1 root  wheel   11,   2 Jun 13 04:22 /dev/tty.Bluetooth-Modem
crw-rw-rw-  1 root  wheel   11,   0 Jun 13 04:22 /dev/tty.Bluetooth-PDA-Sync
crw-rw-rw-  1 root  wheel   11,   4 Sep  9 10:03 /dev/tty.usbserial-ftDIDRRX

Since I did not have SecureCRT installed, I went back into the built-in Terminal program. To console into the ASA, I used the screen command and specified a baud rate of 9600.

MacBook:~ birdman$ screen /dev/tty.usbserial-ftDIDRRX 9600

In like Flynn. As it turns out, I did not have to restore Asimov’s Three Laws. Just the accidentally-deleted IP address on the management interface.

As I leave the site, I hear the customer and the ASA arguing about who would win in a fight, Deckard or Han Solo?

Well, duh. Everyone knows Han shoots first.

