Line VTY 0 4 - where are they?

workfrom925workfrom925 Senior MemberMember Posts: 196
in CCNA & CCENT
I'm studying CCNA chapter one. One task is configure vty to have password security. The book command is "#line vty 0 4". But I read online vty can actually go up to 15 ofr a total of 16 VTY lines. So should I type "#line vty 0 16"?

Somehow I figured out how to look up how many vty ports my router has by typing "show line". My Cisco1721 didn't even have vty 0 to 4. It has vty 6 to 10. What's going on? Can you guys explain?

R1#show line
Tty Typ Tx/Rx A Modem Roty AccO AccI Uses Noise Overruns Int
* 0 CTY - - - - - 0 0 0/0 -
1 TTY - inout - - - 0 4 0/0 -
5 AUX 9600/9600 - - - - - 0 0 0/0 -
6 VTY - - - - - 0 0 0/0 -
7 VTY - - - - - 0 0 0/0 -
8 VTY - - - - - 0 0 0/0 -
9 VTY - - - - - 0 0 0/0 -
10 VTY - - - - - 0 0 0/0 -

Line(s) not in async mode -or- with no hardware support:
2-4
· Share on FacebookShare on Twitter

Comments

  • pamccabepamccabe Senior Member Member Posts: 315 ■■■□□□□□□□
    Vty lines are logical connections that are used by telnet and ssh to remote into a switch or router. Older models only had lines 0 - 4. Newer models can handle more connections. I'm not familiar with the 1721 router so not sure about that output.
    · Share on FacebookShare on Twitter
  • TehToGTehToG Senior Member Member Posts: 194
    Vty stands for Virtual TeletYpe. As pamccabe says they're logical and not physical. If you configure the lines then you might understand where they come from. You can also put the command "no exec" under the vty lines to stop them being used.

    Think about the command you typed. "Line VTY 0 16". Start at VTY0 and count up 16 lines. Found your error yet?

    Start by configuring telnet access likes 0-4 and no exec to the rest and you'll see how it works.
    · Share on FacebookShare on Twitter
  • Ltat42aLtat42a Senior Member Member Posts: 587 ■■■□□□□□□□
    You can also use help to find out how vty lines your model/IOS supports -

    router(config)#line vty 0 ?

    hth
    · Share on FacebookShare on Twitter
  • workfrom925workfrom925 Senior Member Member Posts: 196
    Ltat42a wrote: »
    You can also use help to find out how vty lines your model/IOS supports -

    router(config)#line vty 0 ?

    hth

    Hi, I tried your command. It shows

    R1(config)#line vty 0 ?
    <1-15> Last Line number
    <cr>

    So it has 16 vty lines. If I only set up password on line vty 0 4. How does a hacker hack into a Cisco router? Because when I telnet into a Cisco router, it doesn't ask me which vty line to use.
    · Share on FacebookShare on Twitter
  • TrifidwTrifidw Senior Member Member Posts: 281
    It will automatically put you into the first available slot, any lines that do not have a password set can not be used.
    · Share on FacebookShare on Twitter
  • pamccabepamccabe Senior Member Member Posts: 315 ■■■□□□□□□□
    Telnet sends all data in clear text, even passwords. You can't establish a telnet connection without first setting up a vty password. You'll get an immediate disconnection error if you try. My guess is if all your logical connections are in use, you won't be able to connect. Try configuring the password for #line vty 0 15. After that, try setting up ssh. At least that encrypts data that is sent. Even username and password.
    · Share on FacebookShare on Twitter
  • d6bmgd6bmg BMG FTW!! Member Posts: 241
    All 16 vty ports are open there from 0 to 15. ;)
    [ ]CCDA; [ ] CCNA Security
    · Share on FacebookShare on Twitter
Sign In or Register to comment.