Need explanation: "line vty 0 4"

iwormsiworms Member Posts: 53 ■■□□□□□□□□
in CCNA & CCENT
I'm a week into using IOS and the console, so far just been updating IOS and getting used to the commands. But the line command is not intuitive -- especially the numbers following it -- and I couldn't find references for it.

For example, I know line con 0 is related to console connection, but what exactly does it do? And what does the number 0 mean?

Now, line vty 0 4: I just use it to setup Telnet password without knowing why. Do I assume Telnet whenever I see vty? And why is there a 4 after 0?

Please don't laugh if I make you wanna laugh. Putting "line vty 0 4" in google didn't get any explanation. Let me pre-thank all help here.
· Share on FacebookShare on Twitter

Comments

  • honohono Member Posts: 50 ■■■□□□□□□□
    Hello,
    The number 0 4 is the number of the line vty:
    line vty 0, line vty 1, .....
    for telnet per default, there is five lines, 0 to 4,
    and for the console , there is one line the number 0
    Daniel
    CCIE R&S
    · Share on FacebookShare on Twitter
  • astorrsastorrs Member Posts: 3,139 ■■■■■■□□□□
    Think of line as similar to interface in that it can contain commands that are specific to that line/interface.

    Think of line con 0 as console port #0 (remember Cisco labels interfaces starting at 0, they left it as "0" in case they had routers with multiple console ports).

    Think of line vty 0 4 as telnet port #0 through #4 (5 total).
    twitter: @astorrs
    profile: linkedin.com/in/astorrs
    · Share on FacebookShare on Twitter
  • nice343nice343 Member Posts: 391
    the vty 0 4 is logical telnet lines that can be connected to
    My daily blog about IT and tech stuff
    http://techintuition.com/
    · Share on FacebookShare on Twitter
  • iwormsiworms Member Posts: 53 ■■□□□□□□□□
    Thanks! I get it now, "0 4" means 0 to 4, just like "tftp flash" means from tftp to flash.

    So line ... 0 ... is not really like a command, but a label saying the following configs are for such and such lines. All clear now.
    · Share on FacebookShare on Twitter
  • bashtiebashtie Member Posts: 25 ■□□□□□□□□□
    btw. you can also use ssh over those vty lines ... more secure than telnet
    · Share on FacebookShare on Twitter
  • dtlokeedtlokee Member Posts: 2,378 ■■■■□□□□□□
    They're not really "Telnet" lines, they're terminal lines. There are multiple protocols that can be used to connect to those lines depending on how they are configured. By default they will accept telnet connections but you need to set a password. You can also configure SSH which is the preferred choice if yout IOS supports crypto.

    to configure SSH 
    hostname whateveryouwant
ip domain-name example.com
username bob secret bob    <--- required because SSH uses a username and password
crypto key generate rsa general-keys mod 1024      <--- this line varies you may want to just use "crypto key generate rsa" then put in 1024 for the modulus.

line vty 0 4          <--- most IOS versions hsve 16 lines so "line vty 0 15" may be better
login local
transport input ssh   <--- allow only ssh protocol into these lines.
    The only easy day was yesterday!
    · Share on FacebookShare on Twitter
  • IncInc Member Posts: 184 
    line vty 0 4          <--- most IOS versions hsve 16 lines so "line vty 0 15" may be better

    In case the router doesn't support 16 lines then the configuration input would be rejected.
    If you need to configure a lot of devices, then splitting 16 lines in two blocks is better.
    line vty 0 4
(..)
line vty 5 15
(..)

    I do it this way and don't have to worry about line support restrictions.
    · Share on FacebookShare on Twitter
  • dtlokeedtlokee Member Posts: 2,378 ■■■■□□□□□□
    Inc wrote:
    line vty 0 4          <--- most IOS versions hsve 16 lines so "line vty 0 15" may be better

    In case the router doesn't support 16 lines then the configuration input would be rejected.
    If you need to configure a lot of devices, then splitting 16 lines in two blocks is better.
    line vty 0 4
(..)
line vty 5 15
(..)

    I do it this way and don't have to worry about line support restrictions.

    I usually don't configure the additional lines because they're not necessary in most cases, 5 lines for administration should be enough. If I'm using something like auth-proxy or a terminal server then I will use the additional lines.
    The only easy day was yesterday!
    · Share on FacebookShare on Twitter
  • MishraMishra Member Posts: 2,468 ■■■■□□□□□□
    Oh so if you have line vty 0 2 then 3 people can connect at once?
    My blog http://www.calegp.com

    You may learn something!
    · Share on FacebookShare on Twitter
  • PlazmaPlazma Member Posts: 503
    Mishra wrote:
    Oh so if you have line vty 0 2 then 3 people can connect at once?

    yes
    CCIE - COMPLETED!
    · Share on FacebookShare on Twitter
  • Mohammed AteeqMohammed Ateeq Registered Users Posts: 1 ■□□□□□□□□□
    line vty 0 2
    login local


    Above Command means total 3(0,1,2) users can login router simultaneously using there credentials and if 4th user trying to have telnet session router wont allow the 4th user to access.


    line vty 0 5
    login local

    Above Command means total 6(0,1,2,3,4,5) users can login router simultaneously using there credentials and if 7th user or trying to have telnet session router wont allow the 4th user to access.


    Diff



    Hope this clear your doubt..

    Thanks
    Ateeq
    · Share on FacebookShare on Twitter
Sign In or Register to comment.