no exec

akhilkamalakaran · ‎09-30-2018

what is the purpose of #no exec under line vty or console?

balaji.bandi · ‎09-30-2018

From notes :

When you want to allow an outgoing connection only for a line (no incoming) use the no exec command. When a user tries to Telnet to a line with the no exec command configured, the user will get no response when pressing the Return key at the login screen.

https://www.cisco.com/c/en/us/td/docs/ios/12_2/configfun/command/reference/ffun_r/frf004.html

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

paul driver · ‎09-30-2018

Hello

exec allow you to gain user exec access to remote device , no exec on the vty lines will deny you access , meaning you will not even obtain any username or password prompt you should just get denied.

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

sejamc71 · ‎07-18-2019

no exec - I used CLI analyzer essentially to give my config a once over. It came back with ...you should secure console lines ...here is the fix sort of thing. Not thinking, I put in the config...which happened to include no exec. So, of course I now no longer have console access to my switches which is needed as I use a console switch to connect for tweaks and stuff. How do I go about removing this from the console port so that I can again access the console port. I can't seem to find a way to reverse this.

Thanks for any assistance.

line con 0
exec-timeout 0 0
authorization exec admin
logging synchronous
login authentication admin
transport output ssh
stopbits 1
line aux 0
no exec
transport output ssh
stopbits 1

sejamc71 · ‎07-18-2019

Brain fuzz....I guess I just had to look at my own config..lol...I removed the config and then ..put it back in at the end. sorry to waste everyones time.

cpgrigo · ‎03-31-2023

you have to enter the mode called rommon
1 . Attach a PC with putty to the console port of the switch
open putty with these settings
Bits per second (baud): 9600
Data bits: 8
Parity: None
Stop bits: 1
Flow Control: Xon/Xoff
2. Unplug the power cable.
3, keep pressing the sw button and power the switch until the SYSTLED blinks amber and then turns solid green. When you release the Mode button, the SYSTLED blinks green.
4 now get the switch prompt:
switch:
5 Issue the :
switch: flash_init
switch: dir flash:
6. rename the configuration file.
rename flash:config.text flash:config.old
7 Issue the boot command to boot the system.
switch: boot
8. Enter "n" at the prompt to abort the initial configuration dialog.
Switch>en
Switch#
9. Type rename flash:config.old flash:config.text to rename the configuration file with its original name.
10 Copy the configuration file into memory
Switch#copy startup-config running config
11 now you have access to the global configuration mode and you can delete the no exec command. that is, replace it with exec

it should work

Hicham_y · ‎01-18-2023

If no exec is used under a con 0.

How would I resolve that issue?

Would I just use exec under con 0 again?

Richard Burts · ‎01-18-2023

That should work. I believe that you could also use default line con 0.

HTH

Rick

paul driver · ‎01-18-2023

Hello

@Hicham_y wrote:

If no exec is used under a con 0.

How would I resolve that issue?

Would I just use exec under con 0 again?

Yes...

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul