From: mdye@bevillcntr.org
Date: Sat Mar 15 2003 - 05:09:08 GMT-3
This will do it.
Router(config)#line vty 0
Router(config-line)#login
Router(config-line)#password cisco (or however you set authentication)
Router(config-line)#line vty 1 4 (you generally don't need this; on by
default)
Router(config-line)#no password
The Login IOS command requires that authentication on the vty line. If you
set all VTY to require login and set authentication on only the lowest one,
only one line can be used. Hence only one user can connect.
Make sense?
At 11:59 PM 3/14/03 -0500, West, Jeff wrote:
>I did not know that. Thanks for the info.
>
>Jeff West
>TeleCommunication Systems, Inc.
>(813) 831-6353 x118
>
>
>
>-----Original Message-----
>From: Brian Dennis [mailto:brian@5g.net]
>Sent: Friday, March 14, 2003 6:34 PM
>To: 'Jerry'; West, Jeff; 'Erling Bjontegard'; ccielab@groupstudy.com
>Subject: RE: Block one user from logging into the router.
>
>
>When you put "no login" under the vty you are disabling password
>checking and allowing all connections in automatically. See below.
>
>Rack4R2#wr t
><snip>
>!
>hostname Rack4R2
>!
>interface Ethernet0/0
> ip address 10.1.1.2 255.255.255.0
>!
>line vty 0 4
> no login
>!
><snip>
>
>Rack4R2#telnet 10.1.1.2
>Trying 10.1.1.2 ... Open
>
>Rack4R2>exit
>
>[Connection to 10.1.1.2 closed by foreign host]
>Rack4R2#conf t
>Enter configuration commands, one per line. End with CNTL/Z.
>Rack4R2(config)#line vty 0 4 Rack4R2(config-line)#transport input none
>Rack4R2(config-line)#^Z Rack4R2#
>05:04:13: %SYS-5-CONFIG_I: Configured from console by console
>Rack4R2#telnet 10.1.1.2 Trying 10.1.1.2 ...
>% Connection refused by remote host
>
>Rack4R2#
>
>Brian Dennis, CCIE #2210 (R&S/ISP Dial/Security) CCSI# 98640
>brian@labforge.com
>
>-----Original Message-----
>From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf
>Of Jerry
>Sent: Friday, March 14, 2003 2:20 PM
>To: West, Jeff; Erling Bjontegard; ccielab@groupstudy.com
>Subject: Re: Block one user from logging into the router.
>
>Thanks Jeff.
>
>Jerry
>----- Original Message -----
>From: West, Jeff <westj@telecomsys.com>
>To: Jerry <phase90@comcast.net>; Erling Bjontegard <erli-b@online.no>;
><ccielab@groupstudy.com>
>Sent: Friday, March 14, 2003 2:29 PM
>Subject: RE: Block one user from logging into the router.
>
>
>Line vty 0
> login
>Line vty 1 4
> no login
>
>Only one user at a time
>
>
>Jeff West
>TeleCommunication Systems, Inc.
>(813) 831-6353 x118
>
>
>
>-----Original Message-----
>From: Jerry [mailto:phase90@comcast.net]
>Sent: Friday, March 14, 2003 10:42 AM
>To: Erling Bjontegard; ccielab@groupstudy.com
>Subject: Re: Block one user from logging into the router.
>
>
>Hello Erling,
>
> pure speculation, having never done this, but there could
>very possibly be a max-user type command in IOS to limit the # of
>sessiond to 1.
>
>
>Jerry
>----- Original Message -----
>From: Erling Bjontegard <erli-b@online.no>
>To: <ccielab@groupstudy.com>
>Sent: Thursday, March 13, 2003 2:00 PM
>Subject: Block one user from logging into the router.
>
>
>> Hi all,
>> is it possible to block one user from logging into the router when
>> another
>user is logged on?
>>
>> I'm looking for a solution for the following scenario.
>> The router have two users defined - user A and B.
>> When user A do a telnet into the router the router automatically
>block
>> any
>telnet sessions for user B to be established. At the same time new
>user A shall be able to logg on. If there are any user B sessions
>active this shall not be teared down. When all users A are logged off
>the access for user B shall be opened again.
>>
>> Is it possible to configure this?
>>
>> Best Regards
>> Erling Bjontegard
This archive was generated by hypermail 2.1.4 : Sat Apr 05 2003 - 08:51:40 GMT-3