06-03-2022 03:12 PM
Is there such thing as VTY line groups? like, 0 4 or 5 15? yes there are but are they really groups? Can you put different configurations in them?
But that would me that a user has to log in to a particular group. How is that done?
Or do users automatically get VTY lines sequentially? Therefore of course there are no groups?
HAVE NO IDEA WHAT LABELS ARE!!!!!
06-03-2022 03:13 PM
mean
@launchnow wrote:Is there such thing as VTY line groups? like, 0 4 or 5 15? yes there are but are they really groups? Can you put different configurations in them?
But that would me that a user has to log in to a particular group. How is that done?
Or do users automatically get VTY lines sequentially? Therefore of course there are no groups?
HAVE NO IDEA WHAT LABELS ARE!!!!!
06-03-2022 03:20 PM - edited 06-03-2022 04:19 PM
absolutely yes you can make different config for each group and config different password for each one.
please see below comment
06-03-2022 03:33 PM
OK so here is the excruciating, maddening, obvious question that is not seen anywhere: How does a user direct his connection to a particular group? And if he does not then what group is used? Thanks
06-03-2022 03:45 PM - edited 06-03-2022 04:19 PM
please see below comment
06-03-2022 04:05 PM
WHAT? He will direct to this group?
Thanks for your reply.
What will he write to use group "line vty 5 15"? Or "line vty 16 20"?
06-03-2022 04:18 PM
I do small lab and I see exactly what you mention about the group and how we can control which group we hit when telnet,
router select VTY one by one and when select first group first line you need right password for it to telnet and if you failed then the router will not go to other group and try group password
BUT
workaround is in this link
http://brbccie.blogspot.com/2014/01/mini-vty-rotary_5.html
where we will use port with telnet to make router select the group we want.
06-04-2022 12:18 AM
Let me first address what appears to be "groups" of vty lines. In early versions of IOS there were 5 vty lines (0 through 4). Then Cisco expanded the number of vty lines (typically to 16 but other number of vty is possible). In the output of show commands the vty 0 4 are separated from vty 5 15 which suggests a grouping. I am not sure why it is this way and assume that it is to provide backwards compatibility.
There is not anything inherently different between vty 0 4 and vty 5 15. But it is possible to configure them differently. For example you might configure vty 0 4 with transport input telnet and configure vty 5 15 with transport input ssh. The result is that any user connecting to the device using telnet would connect to 0 4 (and could not connect to 5 15) while a user connecting to the device using ssh would connect to 5 15 (and could not connect to 0 4).
06-04-2022 06:02 AM
Hi
If you are running IOS XE 17.4 or newer, you can have many possibilities when grouping Line VTY:
"Starting with Cisco IOS XE 17.4.1 release, you can use the no line auto-consolidation command, in the global configuration mode, to disable the auto consolidation of LINE commands. Auto consolidation is enabled by default. To disable it use the no form of the command. "
Device#show run | sec line
line vty 0 4
transport input ssh
line vty 5 9
transport input all
Device#configure terminal
Device(config)#no line auto-consolidation
Device(config)#line vty 10 15
Device(config-line)#transport input all
Device(config-line)#end
Device#show run | sec line
no line auto-consolidation
line vty 0 4
transport input ssh
line vty 5 9
transport input all
line vty 10 15
transport input all
!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide