If the intent is to prevent connections TO the router via telnet adding
"transport input none" to the vty's will accomplish this. To prevent telnet
connections FROM the router add "transport output none" to the vty's. Add
both and you have effectively disabled telnet on the router.
weezer#192.168.0.30
% Unknown command or computer name, or unable to find computer address
weezer#telnet 192.168.0.30
% telnet connections not permitted from this terminal
jas
At 01:15 AM 5/5/01 -0400, Brian Dennis wrote:
>John,
>He was asking to disable the telnet process. This just disables port 23 for
>the vty lines like an access-class does. There is not way to disable the
>process itself.
>
>Brian Dennis, CCIE #2210 (R&S)(ISP/Dial) CCSI #98640
>5G Networks, Inc.
>[EMAIL PROTECTED]
>(925) 260-2724
>
> > -----Original Message-----
> > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
> > john mcguinn
> > Sent: Friday, May 04, 2001 7:22 PM
> > To: [EMAIL PROTECTED]
> > Subject: Re: Disable telnet port [7:3237]
> >
> >
> > config t
> > line vty 0 4
> > transport input none
> >
> > You have successfully disabled telnet port.
> > Jack
> >
> > ----- Original Message -----
> > From: "Brian Dennis"
> > To:
> > Sent: Friday, May 04, 2001 7:21 PM
> > Subject: RE: Disable telnet port [7:3237]
> >
> >
> > > If you put an access-class in on the vty lines that disables everything
> > like
> > > Chuck recommended no one will be able to telnet in. Also a port
> > scan will
> > > not show anything on port 23. So telnet would appear to be disabled.
> > >
> > > There just isn't a way to actually turn off the telnet process
> > on a Cisco
> > > router. If you really want to stop the telnet process you could
> > power off
> > > the router but this would stop all the processes 8-)
> > >
> > > Brian Dennis, CCIE #2210 (R&S)(ISP/Dial) CCSI #98640
> > > 5G Networks, Inc.
> > > [EMAIL PROTECTED]
> > > (925) 260-2724
> > >
> > >
> > > > -----Original Message-----
> > > > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf
Of
> > > > Jacques Atlas
> > > > Sent: Friday, May 04, 2001 4:09 PM
> > > > To: [EMAIL PROTECTED]
> > > > Subject: RE: Disable telnet port [7:3237]
> > > >
> > > >
> > > > On Fri, 4 May 2001, Chuck Larrieu wrote:
> > > >
> > > > |There is no option "no service telnet" on the IOS I have available
to
> > me.
> > > >
> > > > :-) that was just an example of something that would be nice.
> > > >
> > > > |Your choice would then become an access-list denying telnet to
> > > > appropriate
> > > > |router interfaces. You can also apply access lists to the vty
> > > > ports to limit
> > > > |who can telnet in. nope, can't delete the vty lines either.
> > > >
> > > > acl's for all interfaces is way to complex.
> > > >
> > > > telnet is not an option. if you can stop the telnet daemon on
> > a unix box
> > > > you should be able to do it on a cisco device, if it support another
> > form
> > > > of transport.
> > > >
> > > > owell
> > > >
> > > > --
> > > > jacques
> > > > FAQ, list archives, and subscription info:
> > > http://www.groupstudy.com/list/cisco.html
> > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> > > FAQ, list archives, and subscription info:
> > http://www.groupstudy.com/list/cisco.html
> > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> > FAQ, list archives, and subscription info:
> > http://www.groupstudy.com/list/cisco.html
> > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>FAQ, list archives, and subscription info:
>http://www.groupstudy.com/list/cisco.html
>Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=3314&t=3237
--------------------------------------------------
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
