Need explanation: "line vty 0 4"

**iworms** · 08-07-2008 05:03 AM

I'm a week into using IOS and the console, so far just been updating IOS and getting used to the commands. But the line command is not intuitive -- especially the numbers following it -- and I couldn't find references for it.

For example, I know line con 0 is related to console connection, but what exactly does it do? And what does the number 0 mean?

Now, line vty 0 4: I just use it to setup Telnet password without knowing why. Do I assume Telnet whenever I see vty? And why is there a 4 after 0?

Please don't laugh if I make you wanna laugh. Putting "line vty 0 4" in google didn't get any explanation. Let me pre-thank all help here.

**hono** · 08-07-2008 05:21 AM

Hello,
The number 0 4 is the number of the line vty:
line vty 0, line vty 1, .....
for telnet per default, there is five lines, 0 to 4,
and for the console , there is one line the number 0

**astorrs** · 08-07-2008 05:24 AM

Think of line as similar to interface in that it can contain commands that are specific to that line/interface.

Think of line con 0 as console port #0 (remember Cisco labels interfaces starting at 0, they left it as "0" in case they had routers with multiple console ports).

Think of line vty 0 4 as telnet port #0 through #4 (5 total).

**nice343** · 08-07-2008 05:38 AM

the vty 0 4 is logical telnet lines that can be connected to

**iworms** · 08-07-2008 05:43 AM

Thanks! I get it now, "0 4" means 0 to 4, just like "tftp flash" means from tftp to flash.

So line ... 0 ... is not really like a command, but a label saying the following configs are for such and such lines. All clear now.

**bashtie** · 08-07-2008 05:44 AM

btw. you can also use ssh over those vty lines ... more secure than telnet

**dtlokee** · 08-07-2008 10:57 AM

They're not really "Telnet" lines, they're terminal lines. There are multiple protocols that can be used to connect to those lines depending on how they are configured. By default they will accept telnet connections but you need to set a password. You can also configure SSH which is the preferred choice if yout IOS supports crypto.

to configure SSH

Code:

hostname whateveryouwant
ip domain-name example.com
username bob secret bob    <--- required because SSH uses a username and password
crypto key generate rsa general-keys mod 1024      <--- this line varies you may want to just use "crypto key generate rsa" then put in 1024 for the modulus.

line vty 0 4          <--- most IOS versions hsve 16 lines so "line vty 0 15" may be better
login local
transport input ssh   <--- allow only ssh protocol into these lines.

**Inc** · 08-07-2008 11:18 AM

Code:

line vty 0 4          <--- most IOS versions hsve 16 lines so "line vty 0 15" may be better

In case the router doesn't support 16 lines then the configuration input would be rejected.
If you need to configure a lot of devices, then splitting 16 lines in two blocks is better.

Code:

line vty 0 4
(..)
line vty 5 15
(..)

I do it this way and don't have to worry about line support restrictions.

**dtlokee** · 08-07-2008 11:27 AM

Originally Posted by Inc

Code:

line vty 0 4          <--- most IOS versions hsve 16 lines so "line vty 0 15" may be better

In case the router doesn't support 16 lines then the configuration input would be rejected.
If you need to configure a lot of devices, then splitting 16 lines in two blocks is better.

Code:

line vty 0 4
(..)
line vty 5 15
(..)

I do it this way and don't have to worry about line support restrictions.

I usually don't configure the additional lines because they're not necessary in most cases, 5 lines for administration should be enough. If I'm using something like auth-proxy or a terminal server then I will use the additional lines.