Question Help

rakemrakem Member Posts: 800
I got this question from the SemSim exam simulator.....

WAN connectivity is established between two routers and ping is possible from Router2 to Router1.
However telnet from remote Router2 to local Router1 using the command telnet 10.10.11.12, returns the message:
________________________________________
" Trying 10.10.11.12 - - - open Password required, but not set" Connection to 10.10.11.12 closed by foreign host
________________________________________

Which of the following command sets will make telnet session from Router2 to Router1 possible?

A. Router1(config)#line console 0 Router1(config-line)#password cisco

B. Router1(config)#line vty 0 4 Router1(config-line)# login

C. Router1(config-line)#password cisco Router2(config)#line console 0 Router2 (config-if)#password cisco

D. Router2(config)#line vty 0 4 Router2(config-if)#password cisco



Now there is only one correct answer for this question. I chose D, the correct answer is B. How can the answer be B if there is no password being set? or by typing login does that set a default password or something?

thanks.
CCIE# 38186
showroute.net

Comments

  • binarysoulbinarysoul Member Posts: 993
    B is correct as you are trying to telnet to Router1, so the password must be set on Router1 not Router2. D is wrong as you're trying to set password on Router2 from where you're trying to telnet :)

    As to why there is no password it may be that 'login' simply means the password is default or blank, I think.
  • david_rdavid_r Member Posts: 112
    rakem,
    Although binarysoul is correct on which router the commands need to be entered, I think the test writer outwitted himself*. When I run into a situation like this, I check it on a router. My router tells me that your router had the login command entered but no password set.


    Here's some capture text.
    line vty 0 4
     password cisco
     login
    !
    ntp master
    end
    
    R2501#telnet 192.168.1.12
    Trying 192.168.1.12 ... Open
    
    
    User Access Verification
    
    Password: 
    R2501>exit
    
    [Connection to 192.168.1.12 closed by foreign host]
    R2501#config t
    Enter configuration commands, one per line.  End with CNTL/Z.
    R2501(config)#line vty 0 4
    R2501(config-line)#no password
    R2501(config-line)#do show run | begin line vty
    
    line vty 0 4
     login
    !
    ntp master
    end
    
    R2501(config-line)# do telnet 192.168.1.12
    Trying 192.168.1.12 ... Open
    
    
    Password required, but none set
    
    [Connection to 192.168.1.12 closed by foreign host]
    R2501(config-line)#no login
    R2501(config-line)#do show run | begin line vty
    
    line vty 0 4
     no login
    !
    ntp master
    end
    
    R2501(config-line)#do telnet 192.168.1.12
    Trying 192.168.1.12 ... Open
    
    R2501>exit
    
    [Connection to 192.168.1.12 closed by foreign host]
    
    R2501(config-line)#login
    % Login disabled on line 2, until 'password' is set
    % Login disabled on line 3, until 'password' is set
    % Login disabled on line 4, until 'password' is set
    % Login disabled on line 5, until 'password' is set
    % Login disabled on line 6, until 'password' is set
    
    R2501(config-line)#do show run | begin line vty
    
    line vty 0 4
     login
    !
    ntp master
    end
    
    R2501(config-line)#do telnet 192.168.1.12
    Trying 192.168.1.12 ... Open
    
    
    Password required, but none set
    
    [Connection to 192.168.1.12 closed by foreign host]
    

    Of particular interest is this code,
    R2501(config-line)#no login
    R2501(config-line)#do show run | begin line vty
    line vty 0 4
     password cisco
     no login
    !
    ntp master
    end
    
    
    R2501(config-line)#telnet 192.168.1.12
    Trying 192.168.1.12 ... Open
    
    R2501>exit
    
    [Connection to 192.168.1.12 closed by foreign host]
    R2501(config-line)#
    
    As you can see, without login set, you are right into the router. It helps me to remember there are three login choices; login (uses password), login local (uses local UN/PW) and login tacacs (uses radius authentication). Actually, there are four as we can avoid the whole login issue, can't we?!?

    *In all reality, C is the correct answer. It it the only answer that adds a password to the line on Router1. Granted, they don't tell us which line but none of the other answers place a password on Router1 line connections, which is the problem we are dealing with.
  • rakemrakem Member Posts: 800
    cool thanks for that.... i hope the real test questions are written at bit better!
    CCIE# 38186
    showroute.net
Sign In or Register to comment.