Virtual terminal lines are used to allow remote access to a router. The router has five virtual terminal lines, by default. You will configure the five vty lines (vty 0 through 4) for Telnet access and set a password on these lines. In addition, you want to ensure that, after 15 minutes of inactivity on the vty lines, the connection times out. To configure the vty lines, you will do the following from global configuration mode:
| Step 1 | Enter line configuration mode. |
| Step 2 | Enable login on the vty lines. |
| Step 3 | Set a password for Telnet access. |
| Step 4 | Set theexec-timeoutinterval. |
Device configuration :
RouterINB#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
RouterINB (config)#line vty 0 4
RouterINB (config-line)#
You can verify that you have successfully entered line configuration mode because the prompt has changed, as shown in above config.. Next, enable login on the vty lines and set a Telnet password of INBSecret on RouterINB.
Configure vty Lines with Login and Password Checking
RouterINB (config-line)#login
RouterINB (config-line)#password INBSecret
Notes:
Remember that if an enable password has not been set on the router, you cannot Telnet into the router. This is true even when a password has been set on the vty lines. Although not shown here, assume that the terminal server has been configured with the enable passwordINBSecret.
Finally, it is a good idea to set timeout values on your vty lines so that idle Telnet sessions will not remain up indefinitely. By default, theexec-timeoutis set to 10 minutes on both the console and the vty ports.
The timeout value is specified in minutes and seconds. You will set the timeout value to 15 minutes and 0 seconds on vty lines 0 through 4 using theexec-timeoutcommand.
Setting theexec-timeoutValue to 15 Minutes and 0 Seconds on vty Lines 0 Through 4
RouterINB (config-line)#exec-timeout ?
<0-35791> Timeout in minutes
RouterINB (config-line)#exec-timeout 15 ?
<0-2147483> Timeout in seconds
<cr>
RouterINB (config-line)#exec-timeout 15 0
RouterINB (config-line)#
Verify the configuration changes in your running-config by exiting back to privileged EXEC with CTRL-Z and then using ashow running-config command. The highlighted section of Example 4-8 shows the last portion of the running-config with the configuration of the five vty lines.
Verify Changes withshow running-configCommand
RouterINB (config-line)#^Z
RouterINB #show running-config
line con 0
login
line 1 16
line aux 0
line vty 0 4
exec-timeout 15 0
password 7 15140A0007252537
login
The end of the config shows all lines on the router, as well as the changes you have made to the vty lines.
Saving the Running Configuration
Save the configuration by typingcopy running-config startup-configfrom global configuration mode,
Copy running-config to startup-config
RouterINB #copy running-config startup-config
Building configuration…
[OK]
RouterINB #
