Need explanation: "line vty 0 4"

I'm a week into using IOS and the console, so far just been updating IOS and getting used to the commands. But the line command is not intuitive -- especially the numbers following it -- and I couldn't find references for it.

For example, I know line con 0 is related to console connection, but what exactly does it do? And what does the number 0 mean?

Now, line vty 0 4: I just use it to setup Telnet password without knowing why. Do I assume Telnet whenever I see vty? And why is there a 4 after 0?

Please don't laugh if I make you wanna laugh. Putting "line vty 0 4" in google didn't get any explanation. Let me pre-thank all help here.

Find more posts tagged with

Comments

hono

Hello,
The number 0 4 is the number of the line vty:
line vty 0, line vty 1, .....
for telnet per default, there is five lines, 0 to 4,
and for the console , there is one line the number 0

astorrs

Think of line as similar to interface in that it can contain commands that are specific to that line/interface.

Think of line con 0 as console port #0 (remember Cisco labels interfaces starting at 0, they left it as "0" in case they had routers with multiple console ports).

Think of line vty 0 4 as telnet port #0 through #4 (5 total).

nice343

the vty 0 4 is logical telnet lines that can be connected to

iworms

Thanks! I get it now, "0 4" means 0 to 4, just like "tftp flash" means from tftp to flash.

So line ... 0 ... is not really like a command, but a label saying the following configs are for such and such lines. All clear now.

bashtie

btw. you can also use ssh over those vty lines ... more secure than telnet

dtlokee

They're not really "Telnet" lines, they're terminal lines. There are multiple protocols that can be used to connect to those lines depending on how they are configured. By default they will accept telnet connections but you need to set a password. You can also configure SSH which is the preferred choice if yout IOS supports crypto.

to configure SSH

hostname whateveryouwant
ip domain-name example.com
username bob secret bob    <--- required because SSH uses a username and password
crypto key generate rsa general-keys mod 1024      <--- this line varies you may want to just use "crypto key generate rsa" then put in 1024 for the modulus.

line vty 0 4          <--- most IOS versions hsve 16 lines so "line vty 0 15" may be better
login local
transport input ssh   <--- allow only ssh protocol into these lines.

Inc

line vty 0 4          <--- most IOS versions hsve 16 lines so "line vty 0 15" may be better

In case the router doesn't support 16 lines then the configuration input would be rejected.
If you need to configure a lot of devices, then splitting 16 lines in two blocks is better.

line vty 0 4
(..)
line vty 5 15
(..)

I do it this way and don't have to worry about line support restrictions.

dtlokee

Inc wrote:
line vty 0 4          <--- most IOS versions hsve 16 lines so "line vty 0 15" may be better
In case the router doesn't support 16 lines then the configuration input would be rejected.
If you need to configure a lot of devices, then splitting 16 lines in two blocks is better.
line vty 0 4
(..)
line vty 5 15
(..)
I do it this way and don't have to worry about line support restrictions.

I usually don't configure the additional lines because they're not necessary in most cases, 5 lines for administration should be enough. If I'm using something like auth-proxy or a terminal server then I will use the additional lines.

Mishra

Oh so if you have line vty 0 2 then 3 people can connect at once?

Plazma

Mishra wrote:

Oh so if you have line vty 0 2 then 3 people can connect at once?

yes

Mohammed Ateeq

line vty 0 2
login local

Above Command means total 3(0,1,2) users can login router simultaneously using there credentials and if 4th user trying to have telnet session router wont allow the 4th user to access.

line vty 0 5
login local

Above Command means total 6(0,1,2,3,4,5) users can login router simultaneously using there credentials and if 7th user or trying to have telnet session router wont allow the 4th user to access.

Diff

Hope this clear your doubt..

Thanks
Ateeq