04-13-2005 04:34 AM - edited 03-02-2019 10:27 PM
Hi there
I've enabled ssh on my mosted beloved Cat3750 Switch. Now I'd like to disable TELNET.
This is my configuration:
------------------------------------------------
!
enable secret cisco
!
username cisco privilege 15 secret cisco
aaa new-model
aaa authentication login default local-case
aaa authentication login cisco none
!
no ip http server
ip http secure-server
!
line con 0
line vty 0 4
password cisco
login authentication cisco
transport preferred ssh
transport input ssh
line vty 5 15
!
end
(boring stuff is outlined...)
Could anybody give me some advice to get rid of TELNET?
Thanks in advance
04-13-2005 04:47 AM
I hope there is nothing configured for line vty 5 15?
Ankur
04-13-2005 05:53 AM
Two considerations, firstly ensure that all your VTY sessions have the same configuration applied, you only have the first 5 session configured.
Secondly, I would be inclined to also specificy transport output none on all of your vty. This restricts outbound telnet or ssh sessions once a telnet onto this gateway has been established.
This especially useful if this gateway has been compromised for example. However, if you find this useful, then perhaps only enable outbound telnet or ssh on the Console port, therefore you have be connected via the console before you could telnet to another gateway.
Hope this helps
Allan.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide