How to Assign Unique IP Addresses for Each Serial Port (Firmware V3.5.x and later)
With console server firmware V3.5.x and later, you can use the GUI to assign a unique IP address for each serial port. Earlier versions require command line scripting (see Firmware Pre-V3.5 section).
The example below configures four IP addresses on the primary Network Interface for serial access via SSH.
- Click System → IP → Network Interface
- Under IP Alias, use a comma to separate the list of IP addresses for the serial ports in CIDR notation (192.168.0.101/24, 192.168.0.102/24, 192.168.0.103/24, 192.168.0.104/24)
- Click Apply
- Click System → Firewall → Port/Protocol Forwarding → New
- Name: Serial Port 1
- Destination Address: 192.168.0.101/24
- Input Port Range: 22
- Output Port Range: 3001
- Click Save
- Repeat for each serial port; replace Name, Source Address and Output Port Range.
Note: The following is the CLI command to set up the first two ports:
config \
-s config.interfaces.wan.alias='192.168.0.101/24, 192.168.0.102/24' \
-s config.firewall.portforwards.portforward1.in_interface=any \
-s config.firewall.portforwards.portforward1.in_ports=22 \
-s config.firewall.portforwards.portforward1.dst_ip=192.168.0.101 \
-s config.firewall.portforwards.portforward1.name='Serial Port 1' \
-s config.firewall.portforwards.portforward1.out_ports=3001 \
-s config.firewall.portforwards.portforward1.protocol=tcp \
-s config.firewall.portforwards.portforward2.in_interface=any \
-s config.firewall.portforwards.portforward2.in_ports=22 \
-s config.firewall.portforwards.portforward2.dst_ip=192.168.0.102 \
-s config.firewall.portforwards.portforward2.name='Serial Port 2' \
-s config.firewall.portforwards.portforward2.out_ports=3002 \
-s config.firewall.portforwards.portforward2.protocol=tcp \
-s config.firewall.portforwards.total=2
config -r ipconfig
How to Assign Unique IP Addresses for Each Serial Port (Firmware Pre-V3.5)
With console server firmware pre-V3.5, you can use the script below to assign a unique IP address for each serial port. To execute the script, create a file called filter-custom under /etc/config. This will ensure the script remains unaffected by firewall rules and configuration changes. Update the IP and IPSTART values within the script to reflect the IP of the device and the starting value of the IP range. Reboot the device to execute the script.
#!/bin/sh
IPTABLES="/bin/iptables"
MODEL=`config -g config.system.model | cut -f2 -d' '`
if [ "$MODEL" = "IMG4216-25" ]; then
OOB_IP=$(ifconfig eth1:0 2> /dev/null | grep inet\ addr | cut -f2 -d':' | cut -f1 -d' ')
MGMT_IP=$(ifconfig eth1 2> /dev/null | grep inet\ addr | cut -f2 -d':' | cut -f1 -d' ')
fi
MGMTLAN_IN=MgmtLanInput
MGMTLAN_OUT=MgmtLanOutput
OOB_IN=OobInput
OOB_OUT=OobOutput
DYNADDR_IN=DynAddrInput
DYNADDR_FORWARD=DynAddrForward
export CASCADE=Cascade
export CASCADENAT=CascadeNat
export CASCADEMASQ=CascadeMasq
# Script paths
CUSTOMFILE=/etc/config/filter-custom
CASCADEFILE=/etc/config/filter-cascade
RULESFILE=/etc/config/fw.rules
cat /etc/config/fw.rules | iptables-restore
# Enable IP forwarding between network interfaces
echo 1 > /proc/sys/net/ipv4/ip_forward
if [ ! -z "${MGMT_IP}" ]; then
${IPTABLES} -A ${DYNADDR_IN} --destination ${MGMT_IP} -j ${MGMTLAN_IN}
${IPTABLES} -A ${DYNADDR_OUT} --source ${MGMT_IP} -j ${MGMTLAN_OUT}
fi
if [ ! -z "${OOB_IP}" ]; then
${IPTABLES} -A ${DYNADDR_IN} --destination ${OOB_IP} -j ${OOB_IN}
${IPTABLES} -A ${DYNADDR_OUT} --source ${OOB_IP} -j ${OOB_OUT}
fi
if [ -f ${CASCADEFILE} ]; then
. ${CASCADEFILE}
fi
#
# Set up IPv6 firewall
#
if [ -f /etc/rc.firewall6 ]; then
/bin/sh /etc/rc.firewall6
fi
IP=192.168.254
IPSTART=180
# Create the aliases
export PORTS=`ls /var/dev/ | grep port | sed s/port// | awk '{ printf("%d\n", $0) }'`
for port in $PORTS
do
ifconfig eth0:$port $IP.$(($port + $IPSTART)) netmask 255.255.255.0 up done
# Redirect 22 on these aliases to the 300x
for port in $PORTS
do
iptables --append PREROUTING --table nat --in-interface eth0 --protocol tcp --destination $IP.$(($port + $IPSTART)) \
--dport 22 --jump DNAT --to :$(($port + 3000))
done
