Cisco Support Community

New Member

logging telnet logons (6500 IOS)

Hi!

Is there a way to log failed (and successful) telnet logon attempts on 6500 running IOS?

Today I have an ACL with logging as a workaround, but it isn't the same thing really, in my opinion.

Getting an AAA server is a bit expensive just for this issue....

Any advice?

4 REPLIES
New Member

Re: logging telnet logons (6500 IOS)

Hi,

My understanding is that you need an AAA server to log any attempt to get into a router or switch, and the devices must be enabled for TACACS. By using one AAA server, you can highly secure all the network devices in your network.

Can't think of any other method to do this.

Blue

Re: logging telnet logons (6500 IOS)

You can get a Freeware TACACS+ Software plus the Install/Configuration procedure at: http://www.cisco.com/warp/public/480/tacplus.shtml

New Member

Re: logging telnet logons (6500 IOS)

One option you may try is to create an access list on the 6500s allowing telnet from a certain subnet or IP addresses. Then enable the traps for syslog and sec. Then each time someone accesses the 6500 that matches the access list, a syslog entry will be made.

New Member

Re: logging telnet logons (6500 IOS)

Any TACACS-secured router with, for example, the setup below would enable subnet 10.1.1.0/24 as the only addresses permitted to telnet in. Then syslog and TACACS logs could chronicle good and bad attempts.

access-list 110 permit tcp 10.1.1.0 0.0.0.255 host 0.0.0.0 eq telnet log-input
tacacs-server host 10.1.2.1 single-connection
tacacs-server key MYTACACSKEYHERE
line vty 0 1
 access-class 110 in
 transport preferred telnet

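The ACL-with-logging approach discussed in this thread produces `%SEC-6-IPACCESSLOGP` syslog entries, which record TCP connections reaching the vty lines, not whether the login itself succeeded. The following is an added example, not code from any poster, that summarizes such entries per source address. The sample log lines, host name and function names are constructed for illustration, and a "denied" entry only appears if the ACL carries an explicit deny entry with logging, since the implicit deny is not logged.

```python
import re
from collections import defaultdict

# Constructed sample syslog lines (not from the thread). The "(interface MAC)"
# part is what log-input adds to the usual IPACCESSLOGP message.
SAMPLE_LOG = """\
Mar  1 10:02:11 sw6500 45: %SEC-6-IPACCESSLOGP: list 110 permitted tcp 10.1.1.25(1045) (Vlan10 0000.0c12.3456) -> 0.0.0.0(23), 1 packet
Mar  1 10:07:40 sw6500 46: %SEC-6-IPACCESSLOGP: list 110 denied tcp 192.168.7.9(3312) (Vlan20 0000.0c65.4321) -> 0.0.0.0(23), 1 packet
Mar  1 10:12:41 sw6500 47: %SEC-6-IPACCESSLOGP: list 110 denied tcp 192.168.7.9(3312) (Vlan20 0000.0c65.4321) -> 0.0.0.0(23), 4 packets
Mar  1 10:15:02 sw6500 48: %SEC-6-IPACCESSLOGP: list 120 permitted tcp 10.1.1.25(1050) -> 10.9.9.9(80), 1 packet
Mar  1 10:16:00 sw6500 49: %LINK-3-UPDOWN: Interface GigabitEthernet1/1, changed state to up
"""

LINE_RE = re.compile(
    r"%SEC-6-IPACCESSLOGP: list (?P<acl>\S+) (?P<action>permitted|denied) tcp "
    r"(?P<src>\d+\.\d+\.\d+\.\d+)\((?P<sport>\d+)\)"
    r"(?: \((?P<intf>\S+) (?P<mac>[0-9a-fA-F.]+)\))?"   # present with log-input
    r" -> (?P<dst>\d+\.\d+\.\d+\.\d+)\((?P<dport>\d+)\), (?P<count>\d+) packets?"
)


def summarize_telnet(log_text, acl="110", port=23):
    """Return {source_ip: {"permitted": n, "denied": n}} packet counts for one ACL."""
    totals = defaultdict(lambda: {"permitted": 0, "denied": 0})
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        # Skip unrelated messages, other ACLs and other destination ports.
        if not m or m["acl"] != acl or int(m["dport"]) != port:
            continue
        # Follow-up messages aggregate several packets, so add the count.
        totals[m["src"]][m["action"]] += int(m["count"])
    return dict(totals)


def denied_sources(summary, threshold=3):
    """Sources whose denied packet count reaches the threshold, sorted."""
    return sorted(ip for ip, c in summary.items() if c["denied"] >= threshold)


if __name__ == "__main__":
    summary = summarize_telnet(SAMPLE_LOG)
    for ip, counts in sorted(summary.items()):
        print(ip, counts)
    print("repeated denials:", denied_sources(summary))
```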