On Sun, Apr 09, 2023 at 10:17:48AM +0200, Hans Hübner wrote:
Am Fr., 7. Apr. 2023 um 07:36?Uhr schrieb Mantas Mikul?nas <grawity@...>:
I finally decided to add mine, just a pile of old Cisco routers to poke
around (though at the moment I'm not sure if the telebahn x.25 profile is
set up right, as so far I've been only playing with serial links between
identical systems)
Thank you for setting that up!? I could successfully connect to?14704100 after
I had tweaked my configuration.? ?Would you be willing to share your
configuration?? I could not quite figure out how to enable inbound X.29
connections to the router itself.
As far as I could figure out (IOS documentation is *really* scattered):
- "x25 routing" implicitly enables inbound XOT connections in general
(starts listening on TCP port 1998). However, if you define a profile
and associate it with "xot access-group...", then only connections
matching one of the access-lists will be allowed, so make sure the
access-list in question has "permit any".
- "service pad from-xot" is required to allow the router itself to
accept PAD calls via XOT (the default is only to route calls onward),
but the router still needs to be told what its X.121 address is.
(Without an address it won't know what calls are "local".)
- For physical X.25 interfaces, like Serial0/0, "x25 address" can be
set per-interface to define the router's own X.121 address, though of
course not for XOT since there's no interface.
interface Serial0/0
x25 address 147041
(It's enough to dial "pad 147041", not necessarily 14704100.)
- If you have an "x25 profile TELEBAHN dxe" associated to XOT, you can
define the local X.121 address as "x25 address" under that profile:
x25 profile TELEBAHN dxe
x25 address 147041
access-list 10 permit any
xot access-group 10 profile TELEBAHN
So instead of e.g. incoming calls via Serial0/0 being matched against
that interface's address, you have incoming calls from 'any' IP being
matched against the profile's address.
- Finally, if there is *no* matching XOT profile (or no "x25 address"
on the inbound Serial interface), then the local address seems to be
determined by *resolving the router's own hostname*, either by
looking for 'X25' records in DNS or an "x25 host" config (which is
pretty much the IOS equivalent of /etc/hosts):
hostname Cisco1470-top
[...]
x25 host Cisco1470-top 147041
If an XOT "x25 profile" is defined, then it seems the address *must*
be set on that profile, and the host lookup is not used.
(Yes, you can have X.25 addresses in DNS and use them in the IOS CLI,
e.g. "pad cisco2.symlink.lt" will dial 147042, similar for static
"x25 host" entries.)
- This also defines the router's "calling" or "source" address it'll
indicate for outbound calls (when they're routed via that interface
or via XOT).
Use "debug x25 all" (and "terminal monitor" to see debug via Telnet) to
see a bit of what's happening when the router receives a PAD call. You
could try to make a "pad" call from 147041 back to your own system, but
I'll need to know the XOT hostname and add a route if it's not set up
under x25.org yet.
PAD logins use the same 'line vty' pool as Telnet logins:
- Make sure your lines are not restricted to 'transport input telnet'.
- One way to define custom "sub-addresses" (the trailing part after the
router's own X.121 address, zero-padded by default) is to define
"rotary <subaddress>" for a vty line. This grabs calls to 14704118
and routes them to somewhere boring:
line vty 12 15
no login
rotary 18
transport input pad
autocommand telnet DuneGW.sym
! the username is 'guest'
--
Mantas Mikul?nas
