|
|
This chapter describes the commands for setting operating characteristics for remote terminal service connections. It also describes the commands used to monitor and manage these connections.
Configuring support for terminal service connections means to enable network devices running the same protocol, such as local-area transport (LAT) or Transmission Control Protocol (TCP), to connect across a LAN or WAN through network and terminal-emulation software such as Telnet, rlogin, TN3270, LAT, and NetWare Access Server Interface (NASI).
The following terminal connections can be performed by configuring terminal operating characteristic using the Cisco IOS software:
To set the interval for closing the connection, use the absolute-timeout line configuration command. Use the no form of this command to restore the default.
absolute-timeout minutes| minutes | The number of minutes after which the user's session will be terminated. |
No timeout interval is automatically set.
Line configuration
This command first appeared in Cisco IOS Release 11.0.
This command terminates the connection after the specified time period has elapsed, regardless of whether the connection is being used at the time of termination. You can specify an absolute-timeout value for each port. The user is given 20 seconds notice before the session is terminated. You can use this command in conjunction with the logout-warning command, which notifies the user of an impending logout.
The following example sets an interval of 60 minutes on line 5:
line 5 absolute-timeout 60
You can use the master indexes or search online to find documentation of related commands.
logout-warning
session-timeout
This command has no arguments or keywords.
Enabled
Line configuration
This command first appeared in Cisco IOS Release 10.0.
Table 22 provides a description of the keys used to enter and edit commands. "Ctrl" indicates the Control key. It must be pressed simultaneously with its associated letter key. "Esc" indicates the Escape key. It must be pressed first, followed by its associated letter key. Keys are not case sensitive.
| Keys | Function |
|---|---|
| Tab | Completes a partial command name entry. When you enter a unique set of characters and press the Tab key, the system completes the command name. If you enter a set of characters that could indicate more than one command, the system beeps to indicate an error. Enter a question mark (?) immediately following the partial command (no space). The system provides a list of commands that begin with that string. |
| Delete or Backspace | Erases the character to the left of the cursor. |
| Return | At the command line, pressing the Return key performs the function of processing a command. At the "---More---" prompt on a terminal screen, pressing the Return key scrolls down a line.
|
| Space Bar | Allows you to see more output on the terminal screen. Press the space bar when you see the line "---More---" on the screen to display the next screen.
|
| Left arrow1 | Moves the cursor one character to the left. When you enter a command that extends beyond a single line, you can press the Left Arrow key repeatedly to scroll back toward the system prompt and verify the beginning of the command entry. |
| Right arrow1 | Moves the cursor one character to the right. |
| Up arrow1 or Ctrl-P | Recalls commands in the history buffer, beginning with the most recent command. Repeat the key sequence to recall successively older commands. |
| Down arrow1 or Ctrl-N | Return to more recent commands in the history buffer after recalling commands with the Up Arrow or Ctrl-P. Repeat the key sequence to recall successively more recent commands. |
| Ctrl-A | Moves the cursor to the beginning of the line. |
| Ctrl-B | Moves the cursor back one character. |
| Ctrl-D | Deletes the character at the cursor. |
| Ctrl-E | Moves the cursor to the end of the command line. |
| Ctrl-F | Moves the cursor forward one character. |
| Ctrl-K | Deletes all characters from the cursor to the end of the command line. |
| Ctrl-L and Ctrl-R | Redisplays the system prompt and command line. |
| Ctrl-T | Transposes the character to the left of the cursor with the character located at the cursor. |
| Ctrl-U and Ctrl-X | Deletes all characters from the cursor back to the beginning of the command line. |
| Ctrl-V and Esc Q | Inserts a code to indicate to the system that the keystroke immediately following should be treated as a command entry, not as an editing key. |
| Ctrl-W | Deletes the word to the left of the cursor. |
| Ctrl-Y | Recalls the most recent entry in the delete buffer. The delete buffer contains the last ten items you have deleted or cut. Ctrl-Y can be used in conjunction with Esc Y. |
| Ctrl-Z | Ends configuration mode and returns you to the EXEC prompt. |
| Esc B | Moves the cursor back one word. |
| Esc C | Capitalizes the word at the cursor. |
| Esc D | Deletes from the cursor to the end of the word. |
| Esc F | Moves the cursor forward one word. |
| Esc L | Changes the word at the cursor to lowercase. |
| Esc U | Capitalizes from the cursor to the end of the word. |
| Esc Y | Recalls the next buffer entry. The buffer contains the last ten items you have deleted. Press Ctrl-Y first to recall the most recent entry. Then press Esc Y up to nine times to recall the remaining entries in the buffer. If you bypass an entry, continue to press Esc Y to cycle back to it. |
In the following example, enhanced editing mode is disabled on virtual terminal line 3:
line vty 3 no editing
You can use the master indexes or search online to find documentation of related commands.
terminal editing
To enable password checking at login, use the login line configuration command. Use the no form of this command to disable password checking and allow connections without a password.
login [local | tacacs]| local | (Optional) Selects local password checking. Authentication is based on the username specified with the username global configuration command. |
| tacacs | (Optional) Selects the Terminal Access Controller Access Control System (TACACS)-style user ID and password-checking mechanism. |
Virtual terminals require a password. If you do not set a password for a virtual terminal, it responds to attempted connections by displaying an error message and closing the connection.
Line configuration
This command first appeared in Cisco IOS Release 10.0.
If you specify the login command without the local or tacacs option, authentication is based on the password specified with the password line configuration command.
The following example sets the password letmein on virtual terminal line 4:
line vty 4 password letmein login
The following example enables the TACACS-style user ID and password-checking mechanism:
line 0 password mypassword login tacacs
You can use the master indexes or search online to find documentation of related commands.
enable password
password
username
To enable AAA/TACACS+ authentication for logins, use the login authentication line configuration command. Use the no form of the command to return to the default.
login authentication [default | list-name]| default | Uses the default list created with the aaa authentication login command. |
| list-name | Use the list specified. |
Login authentication uses the default set with the aaa authentication login command. If no default is set, the local user database is checked. No authentication is performed on the console.
Line configuration
This command first appeared in Cisco IOS Release 10.3.
This command is a per-line command used with AAA authentication and specifies a list of TACACS+ authentication processes that are tried at login. If no list is specified, the default list is used (whether or not it is specified in the command line). Defaults and lists are created with the aaa authentication login command. Note that entering the no version of login authentication has the same effect as entering the command with the default argument.
Before issuing this command, create a list of authentication processes with the aaa authentication login global configuration command.
 | Caution If you use a list-name that has not been configured with the aaa authentication login command, you will disable logins on this line. |
The following example specifies that the default AAA authentication is to be used on line 4:
line 4 login authentication default
The following example specifies that the AAA authentication list called MIS-access is to be used on line 7:
line 7 login authentication MIS-access
You can use the master indexes or search online to find documentation of related commands.
aaa authentication login
To specify a password on a line, use the password line configuration command. Use the no form of this command to remove the password.
password password| password | Character string that specifies the line password. The first character cannot be a number. The string can contain any alphanumeric characters, including spaces, up to 80 characters. You cannot specify the password in the format number-space-anything. The space after the number causes problems. For example, hello 21 is a legal password, but 21 hello is not. The password checking is case sensitive. For example, the password Secret is different than the password secret. |
No password is specified.
Line configuration
This command first appeared in Cisco IOS Release 10.0.
When an EXEC process is started on a line with password protection, the EXEC prompts for the password. If the user enters the correct password, the EXEC prints its normal privileged prompt. The user can try three times to enter a password before the EXEC exits and returns the terminal to the idle state.
The following example removes the password from virtual terminal lines 1 to 4:
line vty 1 4 no password
You can use the master indexes or search online to find documentation of related commands.
enable password
login (line)
To set the terminal receive speed (how fast the terminal receives information from the modem), use the rxspeed line configuration command.
rxspeed bps| bps | Baud rate in bits per second (bps). |
9600 bps
Line configuration
This command first appeared in Cisco IOS Release 10.0.
Set the speed to match the baud rate of whatever device you have connected to the port. Some baud rates available on devices connected to the port might not be supported on the system. The system will indicate if the speed you select is not supported.
The following example sets the line 5 receive rate to 2400 bps:
line 5 rxspeed 2400
You can use the master indexes or search online to find documentation of related commands.
To set the maximum number of terminal sessions per line, use the session-limit line configuration command. Use the no form of this command to remove any specified session limit.
session-limit session-number| session-number | Specifies the maximum number of sessions. |
The default and set session limits are displayed with the show terminal EXEC command.
Line configuration
This command first appeared in Cisco IOS Release 10.0.
The following example limits the number of sessions to eight on a ten-line range:
line 2 12 session-limit 8
You can use the master indexes or search online to find documentation of related commands.
line vty
To set the interval for closing the connection when there is no input or output traffic, use the session-timeout line configuration command. Use the no form of this command to remove the timeout definition.
session-timeout minutes [output]| minutes | Specifies the timeout interval in minutes. |
| output | (Optional) Specifies that when traffic is sent to an asynchronous line from the router (within the specified interval), the connection is retained. |
The default interval is zero, indicating the router maintains the connection indefinitely.
Line configuration
This command first appeared in Cisco IOS Release 10.0.
This command sets the interval that the Cisco IOS software waits for traffic before closing the connection to a remote computer and returning the terminal to an idle state. If only session timeout is the specified command, the session timeout interval is based solely on detected input from the user. If session-timeout output is the specified command, the interval is based on input and output traffic. You can specify a session timeout on each port.
The following example sets an interval of 20 minutes and specifies that the timeout is subject to traffic detected from the user (input only):
line 5 session-timeout 20
The following example sets an interval of 10 minutes, subject to traffic on the line in either direction:
line 5 session-timeout 10 output
To obtain information about the terminal configuration parameter settings for the current terminal line, use the show terminal EXEC command.
show terminalThis command has no arguments or keywords.
EXEC
This command first appeared in Cisco IOS Release 10.0.
The following is sample output from the show terminal command:
router# show terminal
Line 2, Location: "", Type: ""
Length: 24 lines, Width: 80 columns
Baud rate (TX/RX) is 9600/9600
Status: Ready, Active, No Exit Banner
Capabilities: Enabled
Modem state: Ready
Special Chars: Escape Hold Stop Start Disconnect Activation
^^x none - - none
Timeouts: Idle EXEC Idle Session Modem Answer Session Dispatch
never never 0:00:15 not imp not set
Session limit is not set.
Allowed transports are telnet rlogin. Preferred is telnet
No output characters are padded
Table 23 describes the fields in the first three lines of show terminal output.
| Field | Description |
|---|---|
| Line 2 | Current terminal line. |
| Location: "" | Location of the current terminal line, as specified using the location line configuration command. |
| Type: "" | Type of the current terminal line, as specified using the line global configuration command. |
| Length: 24 lines | Length of the terminal display. |
| Width: 80 columns | Width of the terminal display, in character columns. |
| Baud rate (TX/RX) is 9600/9600 | Transmit rate/receive rate of the line. |
The following line of output indicates the status of the line:
Status: Ready, Active, No Exit Banner
Table 24 describes possible values for the Status field.
| Field | Description |
|---|---|
| Active | A process is actively using the line. |
| Autobauding | The line is running the autobaud process. |
| Carrier Dropped | Some sense of "carrier" has been dropped, so the line process should be killed. |
| Connected | The line has at least one active connection. |
| Dialing Out | A DDR asynchronous interface is dialing a remote site on this line. |
| Echo Off | The line is not echoing what the user types in (for example because a password must be entered). |
| Escape Started | The first character of the escape sequence has been typed. |
| Escape Typed | Both characters of the escape sequence have been typed. |
| Hanging Up | The line state is "hanging up." |
| Hardware XON/XOFF | The line uses a UART that supports XON/XOFF flow control in hardware. (This does not mean that the line is currently using software flow control.) |
| Hold Typed | The user typed the "hold character" (and the line is paused). |
| Idle | The line modem state is "idle" (see modem state diagrams). |
| Idle Timeout | An idle timeout has occurred. |
| Input Stopped | The input has been turned off because of hardware flow control or overflow. |
| No Exit Banner | The normal exit banner will not be displayed on this line. |
| PSI Enabled | The line is paying attention to typed escape characters. |
| Rcvd BREAK | A BREAK sequence has been received on the line. |
| Rcvd Command | The line has received a special command sequence (for example, ^^B for send break). |
| Rcvd CR | The last character received was a carriage return. |
| Ready | The line state is "ready." |
| Ring Transition | A transition has occurred on the RING signal of the line. |
| Send Break Soon | You need to send a BREAK on the line soon. |
| Send XOFF Soon | Your buffers are full and you should send an XOFF soon. |
| Sending Break | You are in the process of sending a BREAK sequence on the line. |
| Sent XOFF | Your buffers were full, so we sent an XOFF. |
| SLIP Mode | The line is running SLIP or PPP. |
The following line of output indicates the status of the capabilities of the line. These capabilities correspond closely to configurable parameters that can be set using configuration commands.
Capabilities: Enabled
Table 25 describes possible values for the Capabilities field.
| Field | Description |
|---|---|
| Autobaud Full Range | Corresponds to the autobaud command. |
| Character Padding | At least one pad c x configuration command has been used. |
| Enabled | The user has "enabled" successfully. |
| EXEC Suppressed | Corresponds to the no exec command. |
| Hangup on Last Close | Corresponds to the autohangup command. |
| Hardware Flowcontrol In | Corresponds to the flowcontrol hardware in command. |
| Hardware Flowcontrol Out | Corresponds to the flowcontrol hardware out command. |
| Insecure | Corresponds to the insecure command. |
| Lockable | Corresponds to the lockable command. |
| Modem Callin | Corresponds to the modem callin command. |
| Modem Callout | Corresponds to the modem callout command. |
| Modem CTS-Required | Corresponds to the modem cts-required command. |
| Modem DTR-Active | Corresponds to the modem dtr-active command. |
| Modem RI is CD | Corresponds to the modem ri-is-cd command. |
| No Login Banner | Corresponds to the no exec-banner command. |
| Notification Set | Corresponds to the notify command. |
| Output Non-Idle | Corresponds to the session-timeout command. |
| Permanent SLIP | Corresponds to the slip-dedicated command |
| Private Line | Corresponds to the private command. |
| Refuse Suppress-GA | Corresponds to the telnet refuse command. |
| Receives Logging Output | Corresponds to the monitor command. |
| Refuse Telnet Echo | Corresponds to the telnet refuse command. |
| Send BREAK on IP | Corresponds to the telnet break-on-ip command. |
| SLIP allowed | Corresponds to the slip address command. |
| Software Flowcontrol In | Corresponds to the flowcontrol software in command. |
| Software Flowcontrol Out | Corresponds to the flowcontrol software out command. |
| Telnet Transparent Mode | Corresponds to the telnet transparent command. |
The following line of output indicates the modem state. Possible values include Autobauding, Carrier Dropped, Hanging Up, Idle, and Ready.
Modem state: Ready
The following lines of output indicate the special characters that can be entered to activate various terminal operations. The none or hyphen (-) values imply that no special characters are set.
Special Chars: Escape Hold Stop Start Disconnect Activation
^^x none - - none
The following lines of output indicate the timeout values that have been configured for the line:
Timeouts: Idle EXEC Idle Session Modem Answer Session Dispatch
never never 0:00:15 not imp not set
Table 26 describes the fields in the preceding lines of output.
| Field | Description |
|---|---|
| Idle EXEC | Interval that the EXEC command interpreter waits for user input before resuming the current connection; or if no connections exist, returning the terminal to the idle state and disconnecting the incoming session. This interval is set using the exec-timeout command. |
| Idle Session | Interval that the Cisco IOS software waits for traffic before closing the connection to a remote computer and returning the terminal to an idle state. This interval is set using the session-timeout command. |
| Modem Answer | Interval during which the software raises DTR in response to RING and the modem response to CTS. This interval is set using the modem answer-timeout command. |
| Session | Not implemented in this release. |
| Dispatch | Number of milliseconds the software waits after putting the first character into a packet buffer before sending the packet. This interval is set using the dispatch-timeout command. |
The following lines of output indicate how various options have been configured:
Session limit is not set. Allowed transports are telnet rlogin. Preferred is telnet No output characters are padded
To set the terminal baud rate, use the speed line configuration command. This command sets both the transmit (to terminal) and receive (from terminal) speeds.
speed bps| bps | Baud rate in bits per second (bps). The default is 9600 bps. |
9600 bps
Line configuration
This command first appeared in Cisco IOS Release 10.0.
Set the speed to match the transmission rate of whatever device you have connected to the port. Some baud rates available on devices connected to the port might not be supported on the router. The router indicates whether the speed you selected is not supported.
The following example sets lines 1 and 2 on a Cisco 2509 access server to 115200 bps:
line 1 2 speed 115200
You can use the master indexes or search online to find documentation of related commands.
To set the flow control start character, use the start-character line configuration command. Use the no form of this command to remove the character.
start-character ascii-number| ascii-number | Decimal representation of the start character. |
Decimal 17
Line configuration
This command first appeared in Cisco IOS Release 10.0.
This command defines the character that signals the start of data transmission when software flow control is in effect. See the "ASCII Character Set" appendix in the Configuration Fundamentals Command Reference for a list of ASCII characters.
The following example changes the start character to Ctrl-B, which is decimal 2:
line 2
start-character 2
You can use the master indexes or search online to find documentation of related commands.
flowcontrol
stop-character
terminal start-character
To define which protocols to use to connect to a specific line of the router, use the transport input line configuration command.
transport input {all | lat | mop | nasi | none | pad | rlogin | telnet | v120}| all | Selects all protocols. Restores the default configuration. |
| lat | Selects the Digital LAT protocol and specifies both incoming reverse LAT and host-initiated connections. |
| mop | Selects Maintenance Operation Protocol (MOP). |
| nasi | Select NetWare Access Servers Interface (NASI) as the input transport protocol. |
| none | Prevents any protocol selection on the line. This makes the port unusable by incoming connections. |
| pad | Selects X.3 PAD incoming connections. |
| rlogin | Selects the UNIX rlogin protocol. |
| telnet | Specifies all types of incoming TCP/IP connections. |
| v120 | Select the V.120 protocol for incoming async over ISDN connections. |
No protocols allowed on the line (none).
Line configuration
This command first appeared in Cisco IOS Release 10.0. The lat, pad, all, and v120 keywords first appeared in Cisco IOS Release 11.1. The none option became the default in Cisco IOS Release 11.1. Before Release 11.1, the default was all.
| Caution Cisco routers do not accept incoming network connections to asynchronous ports (TTY lines) by default. You have to specify an incoming transport protocol, or specify transport input all before the line will accept incoming connections. For example, if you are using your router as a terminal server to make console-port connections to routers or other devices, you will not be able to use Telnet to connect to these devices. You will receive the message "Connection Refused." This behavior is new as of Cisco IOS Software Release 11.1. Previous to release 11.1, the default was transport input all. If you are upgrading to Cisco IOS software version 11.1(1) or later from Cisco IOS software Release 11.0 or earlier, you must add the transport input {protocol | all} command, or you will be locked out of your router. |
You can specify one protocol, multiple protocols, all protocols, or no protocols. To specify multiple protocols, enter the keyword for each protocol, separated by a space.
This command can be useful in distributing resources among different types of users, or making certain that only specific hosts can access a particular port. When using two-step protocol translation, the transport input command is useful in controlling exactly which protocols can be translated to other protocols.
Access lists for each individual protocol can be defined in addition to the allowances created by the transport input command. Any settings made with the transport input command override settings made with the transport preferred command.
The following example sets the incoming protocol to Telnet for vtys 0 to 32:
line vty 0 32 transport input telnet
You can use the master indexes or search online to find documentation of related commands.
terminal transport input
transport output
transport preferred
To determine the protocols that can be used for outgoing connections from a line, use the transport output line configuration command.
transport output {all | lat | mop | nasi | none | pad | rlogin | telnet | v120}| all | Selects all protocols. |
| lat | Selects the Digital LAT protocol, which is the protocol used most often to connect routers to Digital hosts. |
| mop | Selects Maintenance Operation Protocol (MOP). |
| nasi | Select NetWare Access Server Interface (NASI) as the output transport protocol. |
| none | Prevents any protocol selection on the line. The system normally assumes that any unrecognized command is a host name. If the protocol is set to none, the system no longer makes that assumption. No connection will be attempted if the command is not recognized. |
| pad | Selects X.3 PAD, used most often to connect routers to X.25 hosts. |
| rlogin | Selects the UNIX rlogin protocol for TCP connections. The rlogin setting is a special case of Telnet. If an rlogin attempt to a particular host has failed, the failure will be tracked, and subsequent connection attempts will use Telnet instead. |
| telnet | Selects the TCP/IP Telnet protocol. It allows a user at one site to establish a TCP connection to a login server at another site. |
| v120 | Select the V.120 protocol for outgoing asynchronous over ISDN connections. |
Telnet
Line configuration
This command first appeared in Cisco IOS Release 10.0. The all, lat, pad, rlogin, and v120 commands first appeared in IOS Release 11.1.
You can specify one protocol, multiple protocols, all protocols, or no protocols. To specify multiple protocols, enter the keyword for each protocol, separated by a space.
Any settings made with the transport output command override settings made with the transport preferred command.
The following example prevents any protocol selection:
transport output none
You can use the master indexes or search online to find documentation of related commands.
terminal transport output
transport input
transport preferred
To specify the transport protocol that the Cisco IOS software uses if the user does not specify one when initiating a connection, use the transport preferred line configuration command.
transport preferred {all | lat | mop | nasi | none | pad | rlogin | telnet | v120}| all | Specifies all recognized protocols. |
| lat | Selects the Digital LAT protocol, which is the protocol used most often to connect routers to Digital hosts. |
| mop | Specifies the Maintenance Operation Protocol (MOP). |
| nasi | Specifies the NetWare Access Server Interface (NASI) protocol. |
| none | Prevents any protocol selection on the line. The system normally assumes that any unrecognized command is a host name. If the protocol is set to none, the system no longer makes that assumption. No connection is attempted if the command is not recognized. |
| pad | Selects X.3 PAD, used most often to connect routers to X.25 hosts. |
| rlogin | Selects the UNIX rlogin protocol for TCP connections. The rlogin setting is part of the Telnet protocol. If an rlogin attempt to a particular host fails, the failure is tracked, and subsequent connection attempts will use Telnet instead. |
| telnet | Selects the TCP/IP Telnet protocol. It allows a user at one site to establish a TCP connection to a login server at another site. |
| v120 | Specifies asynchronous protocols over ISDN. |
Telnet
Line configuration
This command first appeared in Cisco IOS Release 10.0. The lat, pad, and rlogin commands first appeared in Cisco IOS Release 11.1.
Specify transport preferred none to prevent errant connection attempts.
Any settings made with the transport input or transport output commands override settings made with the transport preferred command.
The following example sets the preferred protocol to Telnet on physical terminal line 1:
line tty 1 transport preferred telnet
You can use the master indexes or search online to find documentation of related commands.
terminal transport preferred
transport input
transport output
To set the terminal transmit speed (how fast the terminal sends information to the modem), use the txspeed line configuration command.
txspeed bps| bps | Baud rate in bits per second (bps). |
9600 bps
Line configuration
This command first appeared in Cisco IOS Release 10.0.
Set the speed to match the baud rate of whatever device you have connected to the port. Some baud rates available on devices connected to the port might not be supported on the router. The Cisco IOS software will indicate if the speed you select is not supported.
The following example sets the transmit speed for line 5 to 2400 bps:
line 5 txspeed 2400
You can use the master indexes or search online to find documentation of related commands.
|
|