Access serial console of another device thru Checkpoint Appliance USB port


I had the need to configure a new Cisco 3750 switch at a remote site with minimal hands-on help.   I had remote ssh access to an R80.20 3100 appliance on site and wondered if could use the 3750 console cable plugged into the 3100 to access the 3750 switch console.

I arranged for the mini-USB end of the 3750 console cable to be plugged into the Cisco 3750 mini-USB console port and the other end to be plugged into the Checkpoint 3100 appliance Type-A USB  port.

Running the dmesg command in expert mode I could see that the GAIA kernel had created a serial device file after the cable was connected:

[Expert@sta-fw01:0]# dmesg | tail -30
usb 1-1.2: new full speed USB device using ehci_hcd and address 3 usb 1-1.2: configuration #1 chosen from 1 choice drivers/usb/class/cdc-acm.c: This device cannot do calls on its own. It is no modem. cdc_acm 1-1.2:1.0: ttyACM0: USB ACM device usbcore: registered new driver cdc_acm drivers/usb/class/cdc-acm.c: v0.25:USB Abstract Control Model driver for USB modems and ISDN adapters

Using the cat command I could see that I had good serial connectivity to the switch:

[Expert@sta-fw01:0]# cat < /dev/ttyACM0 
Apr  3 01:26:06.726: %USB_CON

Now I just needed to find a terminal emulation program in GAIA that would give me an interactive connection over the serial port to the switch.   I searched for tip, minicom and several others to no avail, and then I discovered that GAIA comes with the picocom terminal emulation program installed.

I just ran the command: picocom /dev/ttyACM0  and bingo I had an interactive connection over the USB serial cable to the switch:


[Expert@sta-fw01:0]# picocom /dev/ttyACM0 
picocom v2.1
port is        : /dev/ttyACM0
flowcontrol    : none
baudrate is    : 9600
parity is      : none
databits are   : 8
stopbits are   : 1
escape is      : C-a
local echo is  : no
noinit is      : no
noreset is     : no
nolock is      : no
send_cmd is    : sz -vv
receive_cmd is : rz -vv -E
imap is        : 
omap is        : 
emap is        : crcrlf,delbs,

Type [C-a] [C-h] to see available commands

Terminal ready

Apr  3 01:42:26.784: %LINK-3-U
Switch> en
Switch# show ver | inc Cisco
Cisco IOS Software, C3750E Software (C3750E-UNIVERSALK9-M), Version 15.2(1)E2, RELEASE SOFTWARE (fc1)

 Once connected via picocom, Ctrl-a Ctrl-h displays a helpful list of escape sequences like Ctrl-a Ctrl-x to end the session:


*** Picocom commands (all prefixed by [C-a])

*** [C-x] : Exit picocom
*** [C-q] : Exit without reseting serial port
*** [C-b] : Set baudrate
*** [C-u] : Increase baudrate (baud-up)
*** [C-d] : Decrease baudrate (baud-down)
*** [C-i] : Change number of databits
*** [C-j] : Change number of stopbits
*** [C-f] : Change flow-control mode
*** [C-y] : Change parity mode
*** [C-p] : Pulse DTR
*** [C-t] : Toggle DTR
*** [C-|] : Send break
*** [C-c] : Toggle local echo
*** [C-s] : Send file
*** [C-r] : Receive file
*** [C-v] : Show port settings 


Anyways, I thought others may find this helpful for remote configuration of devices with a USB console port in a pinch. 

The same method could be used to remotely configure a Checkpoint Appliance manually using isomorphic USB GAIA installation and the config_system command for the first time configuration.


Nice, had no idea that was possible.

This is great! Thank you for sharing.

Have you also tried a rollover cable from the serial port of the CP to the console port of the cisco? (Rollover means 1-8, 2-7, 3-6 etc)
I know this works the other way around from Cisco routers with the aux port, just connect to the IP of the router with telnet on port 2001, you only need to make sure to make some proper adjustments to the aux port, like 'transport input all' and 'no-exec'.
Regards, Maarten
Nice hack!

picocom is only available from 80.20 (and up?), I tried on R77.30 and R80.10 but only R80.20 has picocom aboard.
Regards, Maarten

work on 77.30

