Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1956
Views
5
Helpful
5
Replies

what is the difference between (ip ssh maxstartups 5) and (vty 0 4)

Sudqi
Level 1
Level 1

‎10-15-2019 12:10 PM

what is the difference between (ip ssh maxstartups 5) and (vty 0 4), as i know vty 0 4 is to make 5 users connect to the device in the same time, but what is the needed for (ip ssh maxstartups)?

Labels:
0 Helpful
5 Replies 5

luis_cordova
VIP Alumni
VIP Alumni

‎10-15-2019 12:20 PM

Hi @Sudqi 

 

The line vty 0 4 command allows you to access the line configuration mode, where you can enter the parameters for those 5 vty lines.
You must keep in mind that more than 5 lines can be enabled on the devices.

 

The ip ssh maxstartups [number] command allows you to limit the number of simultaneous connections per SSH

https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/security/d1/sec-d1-cr-book/sec-cr-i3.html#wp3414043258

 

Regards

 

Sudqi
Level 1
Level 1
In response to luis_cordova

‎10-15-2019 12:34 PM

thank you Iuis for the reply

 

"You must keep in mind that more than 5 lines can be enabled on the devices" 

 

i doesn't understand this sentence, what is the lines used for?

0 Helpful

luis_cordova
VIP Alumni
VIP Alumni
In response to Sudqi

‎10-15-2019 12:55 PM

Hi @Sudqi 

 

"You must keep in mind that more than 5 lines can be enabled on the devices" 

 

I meant that in many cisco devices you can enable more than 5 vty lines, for example, with the command line vty 0 15, where you can configure the parameters for 16 vty lines.

https://community.cisco.com/t5/other-network-architecture/how-many-vty-lines-are-there/td-p/176783

 

Regards

 

0 Helpful

Sudqi
Level 1
Level 1
In response to luis_cordova

‎10-15-2019 09:32 PM

@luis_cordova 

 

but maxstartups  up to 128 !

0 Helpful

luis_cordova
VIP Alumni
VIP Alumni
In response to Sudqi

‎10-16-2019 05:49 AM

Hi @Sudqi 

 

That's right.

In fact, there are versions of IOS that allow many more vty lines.
Check out this community discussion:

https://community.cisco.com/t5/firewalls/best-practices-for-securing-vty-lines/td-p/2105377

Regards

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents