12-18-2002 08:12 AM - edited 03-09-2019 01:26 AM
We need to write to the logging buffer when someone telnets to a router. That is, to have one message saying who telnetted to a router (which IP address) and when.
Does anyone know how to do it?
TIA
12-18-2002 12:20 PM
You could add a line to your incoming access-list that looks like the following:
access-list permit tcp any host
and turn on syslogging
Bryan
12-19-2002 02:43 AM
Thank you very much.
But now we have another problem: we have a message in the log buffer with the IP address that has telnetted to our router. This person is inside the router and can erase the log, so we cannot know who entered the router, which is the purpose of this.
We have thought about sending these messages to a syslog server, so they will be secure. But we want only these messages to be sent to the syslog server, not the others. If one interface goes down, I don't want this message to be sent to the syslog server, only the telnet of the intruder.
TIA.
12-19-2002 07:25 AM
The best solution is to set up a TACACS+ server. That way all authentication activity is logged on a TACACS+ server, including who logged in and what commands they used.
Bryan
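For the syslog-server idea raised in the thread (keeping only the telnet messages and discarding the rest), the selection can be done on the collector. The following is an added example, not code from any of the posters: it assumes the router's ACL entry logs its matches and that the messages arrive in the IOS `%SEC-6-IPACCESSLOGP` format; the function name, ACL number 101 and all addresses are constructed placeholders.

```python
import re

# IOS ACL log message for TCP/UDP matches, e.g.
# %SEC-6-IPACCESSLOGP: list 101 permitted tcp 10.1.1.5(1025) -> 10.1.1.1(23), 1 packet
ACL_HIT = re.compile(
    r"%SEC-6-IPACCESSLOGP: list (?P<acl>\S+) (?P<action>permitted|denied) "
    r"(?P<proto>tcp|udp) (?P<src>[\d.]+)\((?P<sport>\d+)\) -> "
    r"(?P<dst>[\d.]+)\((?P<dport>\d+)\), (?P<count>\d+) packets?"
)
TELNET_PORT = 23

def telnet_hits(lines, router_ips):
    """Return one record per ACL-logged TCP match to port 23 on a known router."""
    hits = []
    for line in lines:
        m = ACL_HIT.search(line)
        if not m:
            continue  # link up/down, config changes, etc. are not kept
        if m["proto"] != "tcp" or int(m["dport"]) != TELNET_PORT:
            continue  # ACL hit, but not telnet
        if m["dst"] not in router_ips:
            continue  # telnet through the router, not to it
        hits.append({
            # text before the %FACILITY tag is the syslog header (time, sender)
            "header": line[:m.start()].rstrip(": "),
            "acl": m["acl"],
            "action": m["action"],
            "src": m["src"],
            "dst": m["dst"],
            "packets": int(m["count"]),
        })
    return hits

# Constructed sample lines as a collector might store them (documentation addresses).
SAMPLE = [
    "Dec 19 02:40:11 192.0.2.1 45: %LINK-3-UPDOWN: Interface Serial0, changed state to down",
    "Dec 19 02:41:07 192.0.2.1 46: %SEC-6-IPACCESSLOGP: list 101 permitted tcp 198.51.100.7(1025) -> 192.0.2.1(23), 1 packet",
    "Dec 19 02:41:30 192.0.2.1 47: %SEC-6-IPACCESSLOGP: list 101 permitted tcp 198.51.100.9(3301) -> 192.0.2.1(80), 1 packet",
    "Dec 19 02:42:02 192.0.2.1 48: %SYS-5-CONFIG_I: Configured from console by vty0 (198.51.100.7)",
    "Dec 19 02:47:07 192.0.2.1 49: %SEC-6-IPACCESSLOGP: list 101 permitted tcp 198.51.100.7(1025) -> 192.0.2.1(23), 4 packets",
]

if __name__ == "__main__":
    for hit in telnet_hits(SAMPLE, router_ips={"192.0.2.1"}):
        print(hit["header"], hit["action"], hit["src"], "->", hit["dst"], hit["packets"])
```

Because the copy on the collector is outside the router, clearing the router's own log buffer does not remove these records.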