Hello everyone! Today’s topic is, how to configure Telnet on your Cisco IOS devices. If you are not familiar with Telnet, read this WIKI page. By the end of this article, you will be confident enough to configure and troubleshoot Telnet related issues on Cisco routers and switches. So, let’s get started.
First of all, we will check our interface IPs by running show ip interface brief and choose an interface for telnet.
Cisco-RTR#show ip interface brief Interface IP-Address OK? Method Status Protocol GigabitEthernet0/0 10.1.1.50 YES NVRAM up up GigabitEthernet0/1 172.16.0.1 YES NVRAM up up GigabitEthernet0/2 172.16.1.1 YES NVRAM up up GigabitEthernet0/3 unassigned YES NVRAM administratively down down GigabitEthernet0/4 unassigned YES NVRAM administratively down down
You can see interface gig0/0 to gig0/2 has IP addresses. And, we can telnet any IPs of this list, as long as we have the reachability. In this example, we will telnet on 10.1.1.50.
Telnet configuration will be in the bottom of the configuration file. You can use show run command to see the configuration. You also can use filter commands to go telnet configuration directly run using show run | section vty.
Cisco-RTR#show running-config | section vty line vty 0 4 login transport input none
Before enabling telnet, you should know, we can enable telnet in two ways. In the first way, we will add a password for telnet. By this way, whenever someone tried to telnet to the device, they only need to use password, no username. Problem with this method is, you will not be able to identify who joined to the telnet session.
In the 2nd way, we can enable telnet for local users, where a telnet user need to have an account on the device.
Let’s configure telnet in first ways.
Method 1:
Cisco-RTR#configure terminal Cisco-RTR(config)#line vty 0 4 Cisco-RTR(config-line)#transport input telnet Cisco-RTR(config-line)#password cisco Cisco-RTR(config-line)#login
Explanation: transport input telnet: Enabling telnet. password cisco: Setting the password for telnet. Password is cisco. login: Allowing login
That’s it for 1st way. Now we can test our configuration. Let’s open a putty session and try to telnet 10.1.1.50.
As expected, it is asking the password. After using password cisco and we are successfully logged in.
Now, let’s identify the problem with this method. We will run show users command.
You can see, two people are logged in, one is using console and one is in vty. But, you will not be able to identify who logged in using vty.
Now, let’s move to the 2nd method.
Method 2:
Below are our configuration-
Cisco-RTR#configure terminal Cisco-RTR(config)#line vty 0 4 Cisco-RTR(config-line)#transport input telnet Cisco-RTR(config-line)#login local
Explanation: transport input telnet: Enabling telnet. login local: Allowing login using local credentials.
Now, we will test our telnet configuration by doing the telnet to the device. Let’s telnet to 10.1.1.50.
You can see it’s asking username, let’s use username rajib and then use its associated password.
Now, let’s check who is logged in to the device by running show users command.
You can see, in vty session user rajib is logged in. Due to this, method 2 is more preferred than method 1.
I also want to refer you my another blog post for tacacs confiration. Link: How to configure TACACS+ on Cisco Routers and Switches.
So, this is how to configure Telnet on Cisco IOS routers and switches. Hope you will enjoy. Let me know if you have any questions about Telnet configuration.
does this work if I already have a password and want to change it using console
also could you explain even with head lines different types of passwords that is used on switch?
thanks,
Hi Amr, yes, it will work.