Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

logging telnet

We need to write in the logging buffer when someone telnet one router. That is, to have one message saying who and when some IP address did telnet to a router.

Does anyone know how to do it?

TIA

3 REPLIES
New Member

Re: logging telnet

You could add a line to your incoming access-list that looks like the following:

access-list permit tcp any host eq telnet log-input

and turn on syslogging

Bryan

New Member

Re: logging telnet

Thank you very much.

But now we have another problem: we have a message in the log buffer with the IP address that have done telnet to our router. This person is inside the router and can erase the log, so we cannot know who entered in the router, which is the purpose of that.

We have thought about sending these messages to a syslog server, so they will be secure. But we want only these messages to be sent to the syslog server, not the others. If one interface goes down, I don't want this message to be sent to the syslog server, only the telnet of the intruder.

TIA.

New Member

Re: logging telnet

The best solution is to setup a TACACS+ server. That way all authentication activity is logged on a TACACS+ server including who logged in and what commands they used.

Bryan

83
Views
0
Helpful
3
Replies