cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
12271
Views
5
Helpful
10
Replies

Disable Telnet on a Catalyst 3750 stack?

rstevek
Level 1
Level 1

Hi all,

I have just configured a new Catalyst 3750 switch stack.  I am trying to disable Telnet access to the CLI while leaving SSH open.  The "transport input ssh" command is not available for vty line 0 through 3, and even if I disable Telnet in the Web UI I can still Telnet to the switch.  Is what I am trying to do possible with this model?

Thanks,
- Steve

1 Accepted Solution

Accepted Solutions

Leo Laohoo
Hall of Fame
Hall of Fame

"transport input ssh" command is not available for vty line 0 through 3

Try the following:

line vty 0 15

transport input ssh

View solution in original post

10 Replies 10

vragotha
Level 3
Level 3

What IOS are you running? From the looks of it, you may not have a k9 image running.

Please post a 'show ver' and 'show run' if you do have a k9 image

Hi Vijay,

Thanks for the response.  I am running a k9 image.  I CAN enable SSH, the problem is that I can't DISABLE Telnet.

Thanks,

- Steve

As an alternative, you could create an acl and apply it to your line that only allows port 22.

HTH,

John

HTH, John *** Please rate all useful posts ***

I tried with this and it works.
but add the blocklist access group in vlan

From what you are saying, telnet is still open from lines 4 through 15. You'll want to add the transport input ssh command to all 15 lines to disable telnet

Leo Laohoo
Hall of Fame
Hall of Fame

"transport input ssh" command is not available for vty line 0 through 3

Try the following:

line vty 0 15

transport input ssh

Hi leolaohoo,

Thanks - that worked.  I'm really confused, though, because originally, "transport input ssh" was not a recognized command on lines 0 through 3.  Now, however, after running the command for vty 0 through 15, I can run the same comamnd on 0 3.  I swear that I am not crazy!  I think I hit some sort of bug.

Thanks,

- Steve

Hi Steve,

Thanks for the ratings.

originally, "transport input ssh" was not a recognized command on lines 0 through 3

I've never seen this before, however, some Cisco routers (800, 810, 830, 850, 870) will support only up "4".  So I'm suspecting you are getting confused with this.  It's just a forced of habit for me to configure "0 15" all because of a similar mistake I made years ago.

Maybe you were doing something like configuring "line 0" instead of "line vty 0" ?

Nah, mate.  I was new to everything network.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: