Scenario:
Your network has two routers called Day and Night. Users behind router Day are using telnet to access router Night. Some users have been complaining that telnet access should be easier so you decide to look at it and so some tuning.
Goal:
- All IP addresses have been preconfigured for you.
- Configure router Night so only VTY line 0 – 2 will be used.
- Configure router Night so it uses port 3050 for telnet.
- Configure router Night so it shows a “Sorry Busy!” message when there are no available VTY lines.
- When someone from router Day telnets into router Night and makes a typing error it shouldn’t try to do a domain lookup.
- Configure router Night so telnet sessions drop at 1 minute of inactivity.
- Configure router Night so telnet sessions will always drop after 2 minutes.
- Configure router Night so users can lock a VTY line.
IOS:
c3640-jk9o3s-mz.124-16.bin
Topology:
Configuration Files
You need to register to download the GNS3 topology file. (Registration is free!)Once you are logged in you will find the configuration files right here.
Do you want your CCNA or CCNP Certificate?
The How to Master series helps you to understand complex topics like spanning-tree, VLANs, trunks, OSPF, EIGRP, BGP and more.
Written by René Molenaar - CCIE #41726
line vty 0 2
exec-timeout 1 0
lockable
absolute-timeout 2
login
refuse-message ^CSorry Busy!^C
transport preferred none
line vty 3 4
no login
Regards
Anton
can we get a video on this?
For the port restriction, try this:
ip access-list extended VTY04
permit tcp any any eq 3050 log
line vty 0 2
rotary 50
The rotary command allows the router to listen on another port, besides port 23. Then number you enter will be added to 3,000