Solved: Cisco telnet line 2 and line 131

valya.cello · ‎11-03-2021

Hello, friend!

I have Cisco 2951.

I have telnet on lines Line 2 and 131.

Can someone say must telnet be closed at all? Or it can be used for technical purposes on device?

I never see lines 2 and 131. ( I know what there is vty 0 15 and console). But what is purpose of line 2 and 131?

I found this information: «Line 2 is reserved for 2nd core console for all of the ISR G2 platforms. The line is used to provide a console to the embedded service engine on these platforms.».

«About line 131 I found these: Line 131 only allows 115000 or 9600 baud. Service Module supports session via TTY line 131.»

On 131 I have telnet and rlogin. I found that rlogin is complements telnet with security. Also line 131 is use lat pad protocols ( As I understood it is for modems and other).

Is anybody used line 2 and 131 in real life? May be you have good guide or resource about this lines? I want to understand what it is.

Thank you for support.

Velly.

paul driver · ‎11-05-2021

Hello
You can specify specific vty lines for accessing your device using a feature called Rotary.

Rotary usually begins with either 100-200-300 values
conf t
line vty 131
rotary 99
transport input telnet/ssh

Now when you telnet/ssh to that specific rotary value you will access via that specifc vty port.
telnet x.x.x.x 3099
ssh x.x.x.x 3099

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

View solution in original post

paul driver · ‎11-05-2021

Hello
You can specify specific vty lines for accessing your device using a feature called Rotary.

Rotary usually begins with either 100-200-300 values
conf t
line vty 131
rotary 99
transport input telnet/ssh

Now when you telnet/ssh to that specific rotary value you will access via that specifc vty port.
telnet x.x.x.x 3099
ssh x.x.x.x 3099

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

i.voevodin · ‎10-18-2022

Hello Paul,

You are not careful read question of topic starter. He asking about "Line 2" and "Line 131" in real life scenario. But you provide answer how to accomplish rotary port for line vty.

Back to topic starter question. He is right in his observation that line 2 and 131 is used for internal purpose of ISR G2 2900\3900 platforms.

Here is screenshot from Cisco guide :

https://www.cisco.com/c/en/us/td/docs/interfaces_modules/services_modules/cimce/1-0/configuration/guide/CIMCe.html

Regarding line 131 there is next cisco guide:

https://community.cisco.com/t5/ip-telephony-and-phones/urgent-unity-express-in-internal-service-module/td-p/2115901

Used for Cisco Unity Express.

@valya.cello I'm suggest that most of that products is reach End Of Support date, and not very rare used in modern networks, that could explain lack of documentations.

Regarding security risks, both of that line include 'no exec' which means, you are never get login prompt under that line. That automatically exclude that line from VTY.

In real life you will see such configuration when you install ISM module to your ISR G2 platform. It will configured automatically and cannot be deleted.

valya.cello · ‎11-08-2021

Thank you very much!