Configure and test telnet on cisco routers

Posted: September 26, 2015 in CCNA
Tags: , , ,

Telnet is used as a remote login program.If you want to login to a machine which is far away from you,you must have to use a remote login program and telnet is one of them.Telnet is a remote connection protocol which works on port 23.Here in this article to test remote login through telnet i have used packet tracer software.In this article i have mentioned all the possible way to configure telnet on router or switch.If anyone know some more ways to configure telnet on a router or a switch i will be very happy to know t from our comment section.

telnet configuration

Telnet configuration on Router:

here i am going to configure and enable telnet program on router R1 with password enable on it.

R1>enable

R1#config t

Enter configuration commands, one per line. End with CNTL/Z.

R1(config)#enable password ccna123

R1(config)#line vty 0 5

R1(config-line)#login

% Login disabled on line 194, until ‘password’ is set

% Login disabled on line 195, until ‘password’ is set

% Login disabled on line 196, until ‘password’ is set

% Login disabled on line 197, until ‘password’ is set

% Login disabled on line 198, until ‘password’ is set

% Login disabled on line 199, until ‘password’ is set

 

Note the above ouput:The  above lines shows that the connection was refused. This is because, login is disabled on all the six telnet sessions we created until a password is set. To set ‘telnet 123’ as a password, go back to the router and type

R1(config-line)#password telnet 123

R1(config-line)#login

R1(config-line)#

 

Now if we try to login from our pc remotely using telnet :

PC>telnet 1.0.0.1

Trying 1.0.0.1 …Open

User Access Verification

Password:

Password:

R1>

Now you can see telnet is working properly.

 

Now see how to configure telnet or enable telnet with no password set.

R1>enable

R1#config t

Enter configuration commands, one per line. End with CNTL/Z.

R1(config)#enable password ccna123

R1(config)#line vty 0 5

R1(config-line)#no login

 

In above condition when anyone try to login from PC using telnet he/she can easily login to router without any password.Telnet will not ask any password if your router is configured in this way and which may results in a disaster if your router goes in a wrong hand.

So if you don’t want to face such situation you must provide atleast some basic security on your router while configuring telnet.

 

Now see how to configure telnet with username and password enabled.

Telnet configuration on Router R2 with username and Password.

R2>enable

R2#config t

Enter configuration commands, one per line. End with CNTL/Z.

R2(config)#username satish password shivangi

R2(config)#username tiwary password shivangigarg

R2(config)#username vit password slashroot

R2(config)#line vty 0 5

R2(config-line)#login local

R2(config-line)#exit

R2(config)#enable password shivangi123

 

Explanation of above command:In above command we have configured and enabled telnet service on router R2 with user and each user have its own password.

 

Now lets try to connect from PC command promt.

PC>telnet 3.0.0.1

Trying 3.0.0.1 …Open

User Access Verification

Username: satish

Password:

So you can see our telnet is working properly according to our configuration. Now similarly login to router from different PC using different users and then go to router to see the login users or to monitor who is login in your router and from which PC they are login.

 

R2#show users

Line User Host(s) Idle Location

* 0 con 0 idle 00:00:00

196 vty  0  satish    idle    00:02:07        1.0.0.2

197 vty  1   tiwary    idle 00:00:49           1.0.0.3

198 vty 2     vit         idle  00:00:11           3.0.0.3

Interface User Mode Idle Peer Address

 

Now learn how to Configure Telnet to login directly to Privilege Mode:

R2#config t

Enter configuration commands, one per line. End with CNTL/Z.

R2(config)#username Admin privilege 15 secret redhat123

R2(config)#

 

Now to test above telnet configuration go to PC command promt and try to login using telnet.

PC>telnet 3.0.0.1

Trying 3.0.0.1 …Open

User Access Verification

Username: Admin

Password:

R2#

 

you can clearly see the user Admin directly login to privilege mode.

Now again go to to router to see which users are login to your router and when you will use show users command,you will find admin user name also there.

 

R2#show users

Line User Host(s) Idle Location

* 0 con 0 idle 00:00:00

196 vty 0 satish idle 00:05:05 1.0.0.2

197 vty 1 tiwary idle 00:03:46 1.0.0.3

198 vty 2 vit idle 00:03:10 3.0.0.3

199 vty 3 Admin idle 00:00:27 3.0.0.5

Interface User Mode Idle Peer Address

 

Now Learn how to  configure telnet to login with an encrypted username and password.

R2#config t

Enter configuration commands, one per line. End with CNTL/Z.

R2(config)#username shivangi secret satish123

 

To test this configuration see below commands carefully.

PC>telnet 3.0.0.1

Trying 3.0.0.1 …Open

User Access Verification

Username: shivangi

Password:

R2>

 

R2#show users

Line User Host(s) Idle Location

* 0 con 0     idle 00:00:00

196 vty 0  satish   idle 00:09:21       1.0.0.2

197 vty 1  shivangi  idle 00:00:22    1.0.0.3

198 vty 2  vit    idle 00:07:25          3.0.0.3

199 vty 3  Admin  idle 00:04:42    3.0.0.5

Interface User Mode Idle Peer Address

 

In below command you will have to see whethershivangi user has an encrypted password or not.If not then your configuration is wrong,if yes the you have configured it correctly.

 

R2#show run

Building configuration…

Current configuration : 904 bytes

!

enable password shivangi123

!

username Admin privilege 15 secret 5 $1$mERr$/.1oOMouj/h0tWhPw9K6J1

username satish password 0 shivangi

username shivangi secret 5 $1$mERr$N5gbd/27lp5mDoGBcEZGc.

username tiwary password 0 shivangigarg

username vit password 0 slashroot

 

Explanation of above output:Now you can clearly see user shivangi has an encrypted password.

 

Now you can also encrypt all password provided on router using below command:

This will provide additional security to your router.

R2(config)#service password-encryption

R2(config)#exit

Now lets check the result, and you will find your all password used on this routers are encrypted now.

R2#show run

Building configuration…

Current configuration : 951 bytes

!

service password-encryption

!

hostname R2

!

enable password 7 083244471F180B101B5A5E57

!

username Admin privilege 15 secret 5 $1$mERr$/.1oOMouj/h0tWhPw9K6J1

username satish password 7 083244471F180B101B

username shivangi secret 5 $1$mERr$N5gbd/27lp5mDoGBcEZGc.

username tiwary password 7 083244471F180B101B0C0D162D

username vit password 7 0832404F1A1117181D1F

 

If you have any other method to configure telnet on cisco router or cisco switches,leave your command through comment section.Keep reading and keep sharing your knowledge.

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s