Virtual Terminals (VTYs)

VTYs are logical connections from the network to the router; these are typically telnet, SSH, or rlogin connections. When a user telnets to a router from the network, as in Figure 4-2, the router starts an EXEC process to handle this connection.

Figure 4-2. VTY connections

Although no physical link is associated with a virtual terminal, VTYs are configured just like normal TTY lines. VTYs are enabled once they are configured. If you do not configure any VTYs, then logical connections, such as telnet, cannot be made to your router from the network. Here is a VTY configuration example:

Router(config)#line vty 1
Router(config-line)#! Must be enabled for login access
Router(config-line)#login
Router(config-line)#! Set the timeout to 30 minutes
Router(config-line)#exec-timeout 30 0
Router(config-line)#! Set one password for telnet access
Router(config-line)#password letmeinhere
Router(config-line)#! Allow only ssh access
Router(config-line)#transport input ssh
Router(config-line)#! Apply access list 10 to this line
Router(config-line)#access-class 10 in
Router(config-line)#exit
Router(config)#access-list 10 permit host 10.10.1.2

This example shows a semi-secure configuration for a VTY terminal. We set a timeout of 30 minutes and apply only one password. We then use the transport input command to define the protocols that are allowed to use this line; in this case, we are allowing only ssh access. (If you want to be less secure, you can use telnet instead of ssh.) The access-class command applies an access list to this line. We won't explain access lists here; in this example we use a simple access list to permit access from the host at address 10.10.1.2.

You should configure all your VTYs in the same manner, because there is no way to predict which VTY a user is going to receive when he telnets into the device.
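The following is an added example, not taken from the book: a Python check that expands every `line vty` stanza in a saved configuration to individual VTY numbers and reports any line that lacks the settings shown above. The sample configuration is constructed, and the function names `parse_vtys` and `audit_vtys` are hypothetical.

```python
import re

# Constructed running-config excerpt (not from the book): only VTY 1 carries
# the settings from the example above; VTYs 0 and 2-4 were configured differently.
SAMPLE_CONFIG = """\
line con 0
line vty 0
 login
 transport input telnet ssh
line vty 1
 exec-timeout 30 0
 password letmeinhere
 login
 transport input ssh
 access-class 10 in
line vty 2 4
 exec-timeout 0 0
 login
 transport input ssh
"""

def parse_vtys(config):
    """Return {vty_number: [commands]} for every 'line vty' stanza."""
    vtys, current = {}, []
    for raw in config.splitlines():
        m = re.match(r"line vty (\d+)(?: (\d+))?\s*$", raw)
        if m:
            first, last = int(m.group(1)), int(m.group(2) or m.group(1))
            current = list(range(first, last + 1))
            vtys.update({n: [] for n in current})
        elif raw.startswith(" ") and current:
            for n in current:
                vtys[n].append(raw.strip())
        else:
            current = []  # any other top-level line ends the VTY stanza
    return vtys

def audit_vtys(config):
    """Return {vty_number: [findings]}; an empty list means no finding."""
    report = {}
    for n, cmds in sorted(parse_vtys(config).items()):
        checks = [
            ("transport input is not limited to ssh", "transport input ssh" in cmds),
            ("no inbound access-class", any(re.match(r"access-class \S+ in$", c) for c in cmds)),
            ("login is not enabled", any(c.split()[:1] == ["login"] for c in cmds)),
            ("exec-timeout is disabled", "exec-timeout 0 0" not in cmds),
        ]
        report[n] = [msg for msg, ok in checks if not ok]
    return report
```

Calling `audit_vtys(SAMPLE_CONFIG)` returns findings for VTYs 0, 2, 3 and 4 and an empty list for VTY 1, which is the gap a user lands in when the router hands out a VTY other than the one that was hardened.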





Cisco IOS in a Nutshell
Cisco IOS in a Nutshell (In a Nutshell (OReilly))
ISBN: 0596008694
EAN: 2147483647
Year: 2006
Pages: 1031
Authors: James Boney
