Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Limiting telnet sessions

I am looking to limit the number of telnet sessions to some of my equipment. Can anyone point me in the right direction on how to do this?

  • Other Security Subjects

Re: Limiting telnet sessions

Depending of the cisco device .. you could configure a password or aaa access for the first vty lines .i.e line vty 0 2 ( will give you 3 simultaneous telnet sessions ) and then leave the other vty lines with no password ot aaa access line vty 3 15 . Unfortunatley you can do this on a PIX which be default support up to 5 telnet sessions.

I hope it helps ... please rate it if it does !!!

Hall of Fame Super Silver

Re: Limiting telnet sessions

As Fernando points out, limiting telnet access involves controlling the vty ports. His suggestion of configuring authentication for some ports and not for others is one approach. I believe that there is a more simple and direct approach. After you decide how many vty lines should be activated, configure this on the vty lines that you do not want to be active:

no exec

This will prevent those vty ports from starting an exec session which inherently prevents telnet access to them.



New Member

Re: Limiting telnet sessions

Thanks for the info, right now if I have line vty 0 1 (which should give me 2 telnet connections). However, new VTY lines are being created as needed. I was looking at the line vty session-limit but for some reason that command is not available on any of my equipment (2950's, 3550's, 3560's).

This widget could not be displayed.