03-20-2007 11:29 AM - edited 03-05-2019 03:00 PM
Here is my config:
line vty 0 4
privilege level 15
login local
rotary 2
transport input ssh
I thought since I specified ssh as the input transport that it would not allow telnet. What do I have to do to block telent. Also please explain the rotary group. Thanks,
Solved! Go to Solution.
03-20-2007 11:56 AM
Matt
Given the config that you posted I would believe that telnet is not allowed on vty 0 4. Your message is not explicit about it but it seems to suggest that telnet is still working. Is that the case?
If telnet is still working then I would guess that your router has more than 5 vty lines (vty 0 4 includes 0, 1, 2, 3, and 4). Many of the current platforms and feature sets support more vty lines. On many of the platforms I am supporting the vty lines are 0 15 (which is 16 vty lines). The easy way to check is to show run and look down near the bottom. For historical reasons it will still show vty 0 4 and if there are more vty lines it will then show line vty 5 x (where x is the last line). If there are additional vty lines then include the transport intput ssh on them as well.
HTH
Rick
03-20-2007 11:56 AM
Matt
Given the config that you posted I would believe that telnet is not allowed on vty 0 4. Your message is not explicit about it but it seems to suggest that telnet is still working. Is that the case?
If telnet is still working then I would guess that your router has more than 5 vty lines (vty 0 4 includes 0, 1, 2, 3, and 4). Many of the current platforms and feature sets support more vty lines. On many of the platforms I am supporting the vty lines are 0 15 (which is 16 vty lines). The easy way to check is to show run and look down near the bottom. For historical reasons it will still show vty 0 4 and if there are more vty lines it will then show line vty 5 x (where x is the last line). If there are additional vty lines then include the transport intput ssh on them as well.
HTH
Rick
03-20-2007 12:25 PM
Right on Rick.
5 15 were also configured. Changed those and now telnet is blocked.
Thanks,
Matt
03-20-2007 01:27 PM
Matt
Thank you for using the rating system to indicate that your problem was resolved. (and thanks for the rating) It makes the forum much more useful when people can read about a problem and can know that they will read a solution for their problem that worked. I encourage you to continue your participation in the forum.
HTH
Rick
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide