08-17-2010 03:16 PM
Hi all,
I have just configured a new Catalyst 3750 switch stack. I am trying to disable Telnet access to the CLI while leaving SSH open. The "transport input ssh" command is not available for vty line 0 through 3, and even if I disable Telnet in the Web UI I can still Telnet to the switch. Is what I am trying to do possible with this model?
Thanks,
- Steve
Solved! Go to Solution.
08-18-2010 03:31 PM
"transport input ssh" command is not available for vty line 0 through 3
Try the following:
line vty 0 15
transport input ssh
08-17-2010 09:59 PM
What IOS are you running? From the looks of it, you may not have a k9 image running.
Please post a 'show ver' and 'show run' if you do have a k9 image
08-18-2010 09:58 AM
Hi Vijay,
Thanks for the response. I am running a k9 image. I CAN enable SSH, the problem is that I can't DISABLE Telnet.
Thanks,
- Steve
08-18-2010 11:47 AM
As an alternative, you could create an acl and apply it to your line that only allows port 22.
HTH,
John
08-04-2020 01:49 AM - edited 08-04-2020 02:01 AM
I tried with this and it works.
but add the blocklist access group in vlan
08-18-2010 09:44 PM
From what you are saying, telnet is still open from lines 4 through 15. You'll want to add the transport input ssh command to all 15 lines to disable telnet
08-18-2010 03:31 PM
"transport input ssh" command is not available for vty line 0 through 3
Try the following:
line vty 0 15
transport input ssh
08-19-2010 08:52 AM
Hi leolaohoo,
Thanks - that worked. I'm really confused, though, because originally, "transport input ssh" was not a recognized command on lines 0 through 3. Now, however, after running the command for vty 0 through 15, I can run the same comamnd on 0 3. I swear that I am not crazy! I think I hit some sort of bug.
Thanks,
- Steve
08-19-2010 03:48 PM
Hi Steve,
Thanks for the ratings.
originally, "transport input ssh" was not a recognized command on lines 0 through 3
I've never seen this before, however, some Cisco routers (800, 810, 830, 850, 870) will support only up "4". So I'm suspecting you are getting confused with this. It's just a forced of habit for me to configure "0 15" all because of a similar mistake I made years ago.08-22-2010 07:33 PM
Maybe you were doing something like configuring "line 0" instead of "line vty 0" ?
08-22-2010 07:44 PM
Nah, mate. I was new to everything network.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: