
Telnetting to specific vty port

kevtown
Level 1

I know that it is possible to reverse-telnet to a specific serial port on some routers by telnetting to a specific tcp port. For example:

To reverse-telnet to interface Async 5 with a tty line identifier of 5, you would telnet to the router's local IP address at port 2005.

I'd like to have the same capability with vty ports.

I have a router that uses Cisco Lock-and-Key authentication to add dynamic access list entries for any host IP which logs into port vty 0. I also want the ability to log into the router itself to establish an EXEC session. To do this currently, I must open a second telnet session before the one to vty 0 terminates.

To make a long story short, here is how I'd like it to work:

move Lock and Key authentication to port vty 4

telnet to <router IP> port 20004 to log in to port vty 4

generic telnet to <router IP> port 23 will rotate through preceding vty ports 0 through 3 as usual to establish EXEC session.

Is this doable? If so, please provide a sample configuration and/or instructions.

Thank you.

Accepted Solutions

Actually, you can by configuring the vty as a rotary group.

line vty 4
 transport input all
 rotary 4

Lets you telnet to router on port 3004. 23 is also open though, but you can use an access-class to restrict use to vty 4 if needed.

Or by using NAT (more dirty):

ip nat inside source static tcp 172.16.55.1 23 172.16.55.1 2002 extendable
interface Ethernet0
 ip address 172.16.55.1 255.255.255.0
interface ...
 ip address 10.0.0.1 255.255.255.0
 ip nat outside
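
A way to check the point made in the answer, that a rotary vty listens on 3004 while port 23 stays open unless an access-class restricts it. This is an added example, not part of the original post or Cisco's own tooling. The function name audit_vty_lines and the sample config are constructed, and a stanza with no "transport input" line is assumed to accept no telnet because the default differs between IOS releases.

```python
import re

# Constructed sample config: the rotary vty from the answer plus a restricted vty range.
SAMPLE_CONFIG = """\
line con 0
line vty 0 3
 access-class 10 in
 transport input telnet
line vty 4
 transport input all
 rotary 4
"""

def audit_vty_lines(config):
    """Return one dict per `line vty` stanza: range, TCP ports, missing-ACL flag."""
    stanzas, cur = [], None
    for raw in config.splitlines():
        if not raw.strip():
            continue
        head = re.match(r"line vty (\d+)(?: (\d+))?\s*$", raw)
        if head:
            first = int(head.group(1))
            cur = {"vty": (first, int(head.group(2) or first)),
                   "rotary": None, "acl_in": None, "transport": []}
            stanzas.append(cur)
        elif not raw[0].isspace():
            cur = None  # any other top-level command ends the stanza
        elif cur is not None:
            words = raw.split()
            if words[0] == "rotary" and len(words) == 2 and words[1].isdigit():
                cur["rotary"] = int(words[1])
            elif words[0] == "access-class" and len(words) >= 3 and words[2] == "in":
                cur["acl_in"] = words[1]
            elif words[:2] == ["transport", "input"]:
                cur["transport"] = words[2:]
    for s in stanzas:
        telnet = bool({"all", "telnet"} & set(s["transport"]))
        # Port 23 serves every telnet-enabled vty; rotary N adds 3000+N (3004 in the answer).
        s["ports"] = ([23] if telnet else []) + (
            [3000 + s["rotary"]] if telnet and s["rotary"] is not None else [])
        s["unrestricted"] = telnet and s["acl_in"] is None
    return stanzas

if __name__ == "__main__":
    for s in audit_vty_lines(SAMPLE_CONFIG):
        state = "NO access-class" if s["unrestricted"] else "access-class " + s["acl_in"]
        print(s["vty"], s["ports"], state)
```

Run it against a saved running-config to list every vty range that accepts telnet without an inbound access-class, including any extra rotary port.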

3 Replies 3

tepatel
Cisco Employee

There is no way to telnet to a specific vty port on a router. Vty ports will be picked upon availability.

Thank you ebergquist. This is exactly what I was looking for.