Filter
Top Products
60-39
User Guide for Cisco Security Manager 4.4
OL-28826-01
Chapter 60 Router Device Administration
Line Access on Cisco IOS Routers
Note You can create only one definition per VTY line. An error is displayed if you create a VTY line definition
that overlaps an existing definition.
Note If you use Security Manager to configure the default VTY lines (0-4), your definition overrides the
default settings on the device. If you later delete this definition from Security Manager, the input
protocol settings are retained and the other default settings are restored. This ensures that you always
have VTY lines available for remote access to the device.
Note You can use the CLI or FlexConfigs to configure additional VTY lines on devices that support more than
16 lines.
Related Topics
• Line Access on Cisco IOS Routers, page 60-35
Step 1 Do one of the following:
• (Device view) Select Platform > Device Admin > Device Access > Line Access > VTY from the
Policy selector.
• (Policy view) Select Router Platform > Device Admin > Device Access > Line Access > VTY
from the Policy Type selector. Select an existing policy or create a new one.
The VTY page is displayed. See Table 60-20 on page 60-50 for a description of the fields on this page.
Step 2 Click the Add button beneath the Lines table, or select a line definition and then click the Edit button.
The Setup tab of the VTY Lines dialog box is displayed. See Table 60-21 on page 60-51 for a description
of the fields on this tab.
Step 3 Enter the relative line number of the VTY line. If you are configuring a group of VTY lines, enter the
first and last numbers of the group in the fields provided.
Step 4 (Optional) Enter the password for accessing the console line, then enter it again in the Confirm field.
Step 5 (Optional) Modify the default Privilege (15) granted to users of this VTY line (or group of lines).
Step 6 (Optional) Select the Disable all the EXEC sessions to the router via this line check box to prevent
any incoming connections over this VTY line (or group of lines).
Step 7 (Optional) Modify the default timeout after which the line is disconnected if no user input is detected.
Note Setting this value to 0 to disables the timeout. Disabling the timeout could cause abandoned
sessions to block available VTY lines. It can also compromise the security of your network.
Step 8 (Optional) Specify which protocols can be used for inbound and outbound connections on this VTY line
(or group of lines):
• All—All supported protocols are permitted.
• None—No protocols are permitted.
• Protocol—Enables one or more of the following protocols: SSH, Telnet, and rlogin.