Disable Telnet on a Catalyst 3750 stack?

Answered Question
Aug 17th, 2010

Hi all,

I have just configured a new Catalyst 3750 switch stack.  I am trying to disable Telnet access to the CLI while leaving SSH open.  The "transport input ssh" command is not available for vty line 0 through 3, and even if I disable Telnet in the Web UI I can still Telnet to the switch.  Is what I am trying to do possible with this model?

Thanks,
- Steve

I have this problem too.
0 votes
Correct Answer by Leo Laohoo about 6 years 3 months ago

"transport input ssh" command is not available for vty line 0 through 3

Try the following:

line vty 0 15

transport input ssh

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
vragotha Tue, 08/17/2010 - 21:59

What IOS are you running? From the looks of it, you may not have a k9 image running.

Please post a 'show ver' and 'show run' if you do have a k9 image

rstevek Wed, 08/18/2010 - 09:58

Hi Vijay,

Thanks for the response.  I am running a k9 image.  I CAN enable SSH, the problem is that I can't DISABLE Telnet.

Thanks,

- Steve

John Blakley Wed, 08/18/2010 - 11:47

As an alternative, you could create an acl and apply it to your line that only allows port 22.

HTH,

John

vragotha Wed, 08/18/2010 - 21:44

From what you are saying, telnet is still open from lines 4 through 15. You'll want to add the transport input ssh command to all 15 lines to disable telnet

Correct Answer
Leo Laohoo Wed, 08/18/2010 - 15:31

"transport input ssh" command is not available for vty line 0 through 3

Try the following:

line vty 0 15

transport input ssh

rstevek Thu, 08/19/2010 - 08:52

Hi leolaohoo,

Thanks - that worked.  I'm really confused, though, because originally, "transport input ssh" was not a recognized command on lines 0 through 3.  Now, however, after running the command for vty 0 through 15, I can run the same comamnd on 0 3.  I swear that I am not crazy!  I think I hit some sort of bug.

Thanks,

- Steve

Leo Laohoo Thu, 08/19/2010 - 15:48

Hi Steve,

Thanks for the ratings.

originally, "transport input ssh" was not a recognized command on lines 0 through 3

I've never seen this before, however, some Cisco routers (800, 810, 830, 850, 870) will support only up "4".  So I'm suspecting you are getting confused with this.  It's just a forced of habit for me to configure "0 15" all because of a similar mistake I made years ago.

Actions

This Discussion