Re: Accessible issue in router

Robo123 · ‎09-24-2017

Hi Team,

I have a cisco 1841 router where am facing access issue even WAN port is up .can any one confirm what is the Quit mode

"login block-for X attempts X within X"

also how to remove the same.

Rob Ingram · ‎09-24-2017

The command "login block-for 120 attempts 3 within 10" will block all connections to the device for 120 seconds if the credentials are entered incorrectly 3 times within 10 seconds. These values/timers are configurable.

https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_usr_cfg/configuration/xe-3s/sec-usr-cfg-xe-3s-book/sec-login-enhance.pdf

To remove the command just prefix with NO. E.g - "no login block-for 120 attempts 3 within 10"

Julio E. Moisa · ‎09-24-2017

Hi

The quiet mode is basically a restriction based on an ACL, if the attacker has tried certain time it will block remote access ports: telnet, ssh and/or www.

Default paremeters:

10 deny tcp any any eq telnet
20 deny tcp any any eq www
30 deny tcp any any eq 22
40 permit ip any any

I suggest this link

https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_usr_cfg/configuration/xe-16-6/sec-usr-cfg-xe-16-6-book/sec-login-enhance.html?dtid=osscdc000283

If you want to delete the lines:

no login block-for seconds attempts tries within seconds
no login quiet-mode access-class --> Although this command is optional, it is recommended that it be configured to specify an ACL that is to be applied to the router when the router switches to quiet mode. When the router is in quiet mode, all login requests are deniedand the only available connection is through the console. If this command is not configured, then the default ACL sl_def_acl is created on the router. This ACL is hidden in the running configuration. Use the show access-list sl_def_acl to view the parameters for the default ACL.

>> Marcar como útil o contestado, si la respuesta resolvió la duda, esto ayuda a futuras consultas de otros miembros de la comunidad. <<