Is it possible to choose a vty line to log in?

workfrom925

Does it serve any practical purpose to set up vty line as

line vty 0 4
login local
line vty 5 15
login

Is it possible to choose a vty line to log in? For example, I tell one user to pick vty 5 to log in since the user does not have a local user id at the router.

NetworkVeteran

No, but the right solution in this scenario is to create a backdoor account. You could either give this backdoor account limited permissions, or change the password each time you allow someone to access it.

For regular access, you should grant them a regular user account.

Would you really want a security scheme where choosing the right number between 0 and 15 allowed everyone an easier time accessing the system? I'd much rather have a backdoor account called "onetime" with password "WPWPaotw"

("Wonder Pets, Wonder Pets, are on the way!")

Vask3n

Hmm this is an interesting question that I am not too sure about off the top of my head.

One thing I can say is this- You can use a standard ACL in this case and only apply it to certain interfaces. For instance you would make a permit ACL for that one user and apply that ACL to the VTY interface you want, for example...

access-list 1 permit host A (where A is the host address)
line vty 4 (they are logging in to the fifth VTY)
login
access-class 1 in (apply the ACL #1 to this particular VTY line).

You can follow up that line with permits for other users and then manually deny that user on all the other lines.

Zartanasaurus

Sure, if you really want to do this it's possible.

line vty 0 4
login local

line vty 15
login
password cisco
rotary 15

Now just have the user telnet to port 3015 and you will use that specific line and configuration.

What exactly are you trying to accomplish though and why?