05-11-2010 08:15 AM - edited 03-06-2019 11:02 AM
Hi All,
Earlier I used to SSH to my router, but now I only want to access it via console.
Following is my present vty line config:
line vty 0 4
no login
no exec
transport input none
transport output none
And when I do a telnet X.X.X.X 22 from a command prompt, I get a blank screen. As I see it, with this config on the vty I should ideally get an error. Could anyone help?
regards
Neo
05-11-2010 11:31 AM
Please help on this
regards
Neo
05-11-2010 03:19 PM
Neo
With the configuration of no exec and of transport input none then vty 0 4 should not be responding at all.
Is it possible that your router has more than 5 vty lines? Many of the modern routers have vty 0 4 and vty 5 15.
HTH
Rick
05-11-2010 11:25 PM
Hi,
"transport input none" prevents any protocol selection on the line. This makes the port unusable by incoming connections. As suggested by Rick, check the configuration of line vty 5 15.
Hope to Help !!
Ganesh.H
05-11-2010 11:57 PM
Hi,
In "sh run" there is no configuration as such for "line vty 5 15". Is it possible that this command is hidden?
Or
can I do this: I log in to the device using the console, then attempt telnet X.X.X.X 22, and then check which line it is trying to connect to? Is that possible, and if yes, which command should I execute to check?
regards
Neo
05-12-2010 12:54 AM
Try debug telnet or debug ssh.
05-12-2010 06:41 AM
By setting the line vty transport to none, the Cisco device will no longer respond to telnet sessions. Because the device will not respond to these protocols, you will get a blank screen if you try to telnet to the device.
The only way that I am familiar with not allowing telnet access but giving some type of error message when it fails is to first enable telnet on the line vty transport. Then remove any enable and enable secret passwords on the device. Now when anyone attempts to telnet to the device, it will kick the person out with the error that no enable password has been set.
This will of course require that the device be in a locked environment so not just anyone can console into the device; hopefully you already have this set up.
05-12-2010 12:47 PM
Neo
The command is not hidden. If it does not show up in running config then the router does not have the extra vty lines.
It might be helpful if you would post the output of show line from the router. This would help to clarify what the router does have.
HTH
Rick
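Added example, not part of any post in this thread: a small audit of a saved running-config that lists every "line vty" range and reports whether it still accepts inbound sessions, which is the check the replies above suggest for vty 5 15. The sample config is constructed, the function names are hypothetical, and treating a missing "transport input" line as a finding is an assumption made because the default differs between IOS releases.

```python
import re

# Constructed sample running-config excerpt (not from the thread): the first
# vty range is locked down as in the original post, the second is not.
SAMPLE_CONFIG = """\
line con 0
line vty 0 4
 no login
 no exec
 transport input none
 transport output none
line vty 5 15
 login local
 transport input ssh
!
end
"""

def parse_vty_blocks(config):
    """Return {(first, last): [sub-commands]} for every 'line vty' block."""
    blocks, current = {}, None
    for raw in config.splitlines():
        header = re.match(r"^line vty (\d+)(?: (\d+))?\s*$", raw)
        if header:
            first = int(header.group(1))
            last = int(header.group(2) or first)
            current = blocks.setdefault((first, last), [])
        elif raw.startswith(" ") and current is not None:
            current.append(raw.strip())  # indented line belongs to the block
        else:
            current = None  # any non-indented line ends the block
    return blocks

def audit_vty(config):
    """Return {(first, last): [findings]}; an empty list means the range is closed."""
    report = {}
    for rng, cmds in parse_vty_blocks(config).items():
        findings = []
        inputs = [c for c in cmds if c.startswith("transport input ")]
        if not inputs:
            # Assumption: flag it, since the default depends on the IOS release.
            findings.append("no explicit 'transport input'")
        elif inputs[-1] != "transport input none":
            findings.append("accepts inbound: " + inputs[-1])
        if "no exec" not in cmds:
            findings.append("exec not disabled")
        report[rng] = findings
    return report

if __name__ == "__main__":
    for (first, last), findings in audit_vty(SAMPLE_CONFIG).items():
        print(f"line vty {first} {last}:", "; ".join(findings) or "closed")
```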