Re: Access to con, aux, and vty ports on Cisco devices



1.  I am wanting to know if a password is not set on a line aux or line con
for a Cisco router if that router can be logged onto without a password.

I know that if you do not put a password on the line vty lines you will
not get a prompt to logon.

For example, will the configuration below allow one to a logon prompt
without requiring a password?

line aux 0                                    
 exec-timeout 15 0                            

2.  Also, do you have to have the keyword login to get password prompt
for any line (vty, con or aux)?
For example, would you get prompted for password if have configuration below?

!
line con 0
 exec-timeout 15 0
 password 7 xxxxxxxxxx
line aux 0
 exec-timeout 15 0
 password 7 xxxxxxxxxx
 length 25
line vty 0 4
 access-class 10 in
 exec-timeout 15 0
 password 7 xxxxxxxxx


Thank you for your assistance!!
Great site!
zoey25Asked:
Who is Participating?
 
celsmkConnect With a Mentor Commented:
zoey25,

I tested the configuration of line vty without "login": you will get the EXEC prompt without being asked for a password.

Regards,

Celsmk
0
 
celsmkCommented:
1) With this configuration, you will get non priviledge EXEC mode right after you type CR (Enter):
line aux 0                                    
 exec-timeout 15 0                            
!
2) You will need to configure "login" to get a password prompt to access to EXEC.

Regards,

Celsmk
0
 
NetoMeter ScreencastsCommented:
Hi!
if you specify the following for "line con 0":
---------------
line con 0
no login
-----------------

then you will not be prompted for a password for executive mode.

NetoMeter
0
 
zoey25Author Commented:
Thank you both for great feedback.

Celsmk and NetoMeter,
Re 2)
Just wanting to be sure I understand...
Do you know what the result would be if you do not have
keyword, login, but have a Password configured?
For example, in configuration below a Password is configured,
but keyword login is not set.   So...would someone be able to telnet to these
lines (since the requirement of Password is meant) and go straight to User Exec
without Password?

line vty 0 4
 access-class 10 in
 exec-timeout 15 0
 password 7 xxxxxxxxx

Thank you!



0
 
zoey25Author Commented:

Great.  Thank you for testing that...I haven't had access to a router to test.

0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.