Line VTY 0 4 - where are they?
workfrom925
Member Posts: 196
in CCNA & CCENT
I'm studying CCNA chapter one. One task is configure vty to have password security. The book command is "#line vty 0 4". But I read online vty can actually go up to 15 ofr a total of 16 VTY lines. So should I type "#line vty 0 16"?
Somehow I figured out how to look up how many vty ports my router has by typing "show line". My Cisco1721 didn't even have vty 0 to 4. It has vty 6 to 10. What's going on? Can you guys explain?
R1#show line
Tty Typ Tx/Rx A Modem Roty AccO AccI Uses Noise Overruns Int
* 0 CTY - - - - - 0 0 0/0 -
1 TTY - inout - - - 0 4 0/0 -
5 AUX 9600/9600 - - - - - 0 0 0/0 -
6 VTY - - - - - 0 0 0/0 -
7 VTY - - - - - 0 0 0/0 -
8 VTY - - - - - 0 0 0/0 -
9 VTY - - - - - 0 0 0/0 -
10 VTY - - - - - 0 0 0/0 -
Line(s) not in async mode -or- with no hardware support:
2-4
Somehow I figured out how to look up how many vty ports my router has by typing "show line". My Cisco1721 didn't even have vty 0 to 4. It has vty 6 to 10. What's going on? Can you guys explain?
R1#show line
Tty Typ Tx/Rx A Modem Roty AccO AccI Uses Noise Overruns Int
* 0 CTY - - - - - 0 0 0/0 -
1 TTY - inout - - - 0 4 0/0 -
5 AUX 9600/9600 - - - - - 0 0 0/0 -
6 VTY - - - - - 0 0 0/0 -
7 VTY - - - - - 0 0 0/0 -
8 VTY - - - - - 0 0 0/0 -
9 VTY - - - - - 0 0 0/0 -
10 VTY - - - - - 0 0 0/0 -
Line(s) not in async mode -or- with no hardware support:
2-4
Comments
-
pamccabe
Member Posts: 315 ■■■□□□□□□□
Vty lines are logical connections that are used by telnet and ssh to remote into a switch or router. Older models only had lines 0 - 4. Newer models can handle more connections. I'm not familiar with the 1721 router so not sure about that output.
-
TehToG
Member Posts: 194
Vty stands for Virtual TeletYpe. As pamccabe says they're logical and not physical. If you configure the lines then you might understand where they come from. You can also put the command "no exec" under the vty lines to stop them being used.
Think about the command you typed. "Line VTY 0 16". Start at VTY0 and count up 16 lines. Found your error yet?
Start by configuring telnet access likes 0-4 and no exec to the rest and you'll see how it works. -
Ltat42a
Member Posts: 587 ■■■□□□□□□□
You can also use help to find out how vty lines your model/IOS supports -
router(config)#line vty 0 ?
hth -
workfrom925
Member Posts: 196
You can also use help to find out how vty lines your model/IOS supports -
router(config)#line vty 0 ?
hth
Hi, I tried your command. It shows
R1(config)#line vty 0 ?
<1-15> Last Line number
<cr>
So it has 16 vty lines. If I only set up password on line vty 0 4. How does a hacker hack into a Cisco router? Because when I telnet into a Cisco router, it doesn't ask me which vty line to use. -
Trifidw
Member Posts: 281
It will automatically put you into the first available slot, any lines that do not have a password set can not be used.
-
pamccabe
Member Posts: 315 ■■■□□□□□□□
Telnet sends all data in clear text, even passwords. You can't establish a telnet connection without first setting up a vty password. You'll get an immediate disconnection error if you try. My guess is if all your logical connections are in use, you won't be able to connect. Try configuring the password for #line vty 0 15. After that, try setting up ssh. At least that encrypts data that is sent. Even username and password.
