Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

How to use " ip identd" to check the incoming user ?


I configurate the command "ip identd" in routers. How to get the information from the port (113) in routers. I had used the access-list to check the telnet session between two routers but could n't view anything.

please advise.

best regards



Re: How to use " ip identd" to check the incoming user ?

What exactly are you trying to do? "Show users" to see who is logged in.

If you want info on the ident protocol see RFC 1413: . With identification support, you can connect a TCP port on a host, issue a simple text string to request information, and receive a simple text-string reply. There isn't alot you can configure with it, just enable/disable. Make sure the request is sent properly.

If you want to see who logs in and what they do you can try two options: local priviledge or tacacs+ AAA.

Local example:

priviledge exec level 2 ping

priviledge exec level 2 show config

priveldge exec level 3 debug ip rip

enable secret level 2 ...

enable secret level 3 ...

Log in on one of those level: enable 2 or enable 3

This way you can see the username that logs in, and limit what they do.

Tacacs+ example:

aaa new-model

tacacs-server host

tacacs-server key ...

aaa authorization exec tacacs+

aaa accounting ...

Set up a tacacs+ server.

This way you see who logs in, limit what they do, and have audit records of what they did.

Hope it helps.