thanks for your answer.

it's helpful to me.

Long time ago the last answer. 

The solution is simple yet strange:

Just compair both line so like

0 2

3-4

5,

6-15

make all the VTY's like the one you want to keep ( like the 0-2 ) and they will disapear. 

so copy paste the same configuration to ALL the VTY's like 0 2. 

line vty 0 2
session-timeout 20
line vty 3 4

session-timeout 30
line vty 5
session-timeout 40
config t

line vty 3 4
session-timeout 20
line vty 5
session-timeout 20

and they should be gone with just 0-4 left. 

if you see 0 5 just split it to 0 4 and 5 ( 5 needs a diffirent config like 0 4 

and do a

no vty line 5 

done!

thanks for you answer.

it's a good information. thanks again

line vty 0 4

password

login

line vty 5 15

no login

Beware!!! Actually this disables asking for password on incomming telnet sessions!

In this case, your switch will only ask for password on the firt five telnet sessions.

you can also go with....

line vty 5 15

transport input none

transport output none.

That will not allow any type (ssh, telnet, etc) to be established on vty lines 5 15.

I would recommend the following config on any devies that uses SSH

line vty 0 4

transport input ssh

password

login

If you want the vty 5 to 15 to not work then the best thing to do is to configure this

line vty 5 15

no exec

HTH

Rick

Not sure what IOS version you have, but I did it before. Note you only need to delete line vty 5 and the IOS will automatically delete all lines that started from 5. However, you can not delete the line vty from 0 to 4.

Below is how I delete them:

c28ar01#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
c28ar01(config)#do sh run | be line vty
line vty 0 4
session-timeout 5
access-class 22 in
transport preferred none
transport input ssh
transport output none

!

!

< snip >

c28ar01(config)#
c28ar01(config)#line vty 5 15  >>> Added vty 5 - 15
c28ar01(config-line)#
c28ar01(config-line)#
c28ar01(config-line)#
c28ar01(config-line)#do sh run | be line vty
line vty 0 4
session-timeout 5
access-class 22 in
transport preferred none
transport input ssh
transport output none
!
line vty 5 15      >>> new

!

< snip >

c28ar01(config-line)#
c28ar01(config-line)#no line vty 5
c28ar01(config)#
c28ar01(config)#
c28ar01(config)#do sh run | be line vty
line vty 0 4
session-timeout 5
access-class 22 in
transport preferred none
transport input ssh
transport output none
!

<<< line vty 5-15 are now deleted >>>

< snip >

I wanted to add that I normally configure my vty ports as follows:

line vty 0 4

access-class 23 in

password 7 xxxxxxxxxxx

login local

transport input ssh

line vty 5 15

access-class 23 in

no login

transport input none

I don't normally login from one switch to another.  I limit IP addresses that have access to the device.  There are many variations.  But if you don't want to use ports vty 5 - 15, just input the:

line vty 5 15

no login

transport input none

How IOS treats the vty 5 15 is very much dependent on the version of IOS being used. We have an example in this thread in which vty 5 15 is not the default. Clearly in this version of IOS the extra vty can be added and can be deleted.

And very clearly the version of IOS for the original poster does have vty 5 15 as its default setting and will not allow them to be deleted

PE007(config)#no line vty 5 15

% Can't delete last 16 VTY lines

HTH

Rick