Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

logging telnet logons (6500 IOS)


Is there a way to log failed (and successful) telnet logon attempts on 6500 running IOS?

Today I have an ACL with logging as workaround,but it isnt the same thing really, in my opinion.

Getting an AAA server is a bit expensive just for this issue....

Any advices?

New Member

Re: logging telnet logons (6500 IOS)


My understanding is that, you need a AAA server to log any attempt to get into a router or switch and the devices must be enbled for TACACS. By using one AAA server, you can highly secure all the network devices in you network.

Can't think of any other method to do this.


Re: logging telnet logons (6500 IOS)

You can get a Freeware TACACS+ Software plus the Install/Configuration procedure at:

New Member

Re: logging telnet logons (6500 IOS)

One option you may try is to create an access list on the 6500s allowing telnet from a certain subnet or IP addresses. Then enable the traps for syslog and sec. Then each time someone access the 6500 that matches the access list, a syslog entry will be made.

New Member

Re: logging telnet logons (6500 IOS)

Any TACACS-secured router with, example set up below, would enable subnet as the only addresses permitted to telnet in. Then syslog and TACACS logs could chronicle good and bad attempts.

access-list 110 permit tcp host eq telnet log-input

tacacs-server host single-connection

tacacs-server key MYTACACSKEYHERE

line vty 0 1

access-class 110 in

transport preferred telnet