cc/td/doc/product/software/ios102
hometocprevnextglossaryfeedbacksearchhelp
PDF

Table of Contents

Configuring Terminal Lines and Modem Support

Configuring Terminal Lines and Modem Support

This chapter explains how to configure lines adn terminal settings. The router has three types of terminal lines: one console line, one auxiliary line, and five virtual (network) lines. Most line setup is the same for all types of lines, but certain commands, such as those having to do with modem control and Serial Line Internet Protocol (SLIP)/Point-to-Point Protocol (PPP) support, apply to the auxiliary port only.

For a complete description of the commands mentioned in this chapter, refer to the "Terminal Line and Modem Support Commands" chapter in the Router Products Command Reference publication. To set terminal line characteristics for the duration of a session only, see the terminal EXEC commands in the Cisco Access Connection Guide.

See the end of this chapter for configuration examples.

Line Configuration Task List

You can perform one or more of the tasks in the following sections to configure your line:

Prepare to Configure Lines

Line configuration mode is used to set the terminal-specific parameters. From line configuration mode, you can enter special commands called line configuration commands that affect the auxiliary, console port, or virtual terminal line you have specified. To enter line configuration mode, complete the following task:

Task Command
Step 1 At the privileged EXEC prompt, enter configuration mode from the terminal. configure1
[terminal] <CR>
Step 2 From global configuration mode, begin to configure an auxiliary, console, or virtual terminal line. line [aux | console | vty] line-number [ending-line-number]

1 This command is documented in the "System Image, Microcode Image, and Configuration File Load Commands" chapter in the Router Products Command Reference publication.

For example, to configure line parameters for the auxiliary port, at step 2 in the preceding task you would enter the following:

Router (config)# line aux 0

The auxiliary relative line number must be 0. See the modem line configuration commands in the section "Set Up Modem Control on the Auxiliary Port" later in this chapter to set up modem support on the auxiliary port.

The terminal from which you locally configure the router is attached to the console port. To configure line parameters for the console port, at Step 2 in the preceding task you would enter the following:

Router (config)# line con 0

The console relative line number must be 0.

Virtual terminal lines are used to allow remote access to the router. A virtual terminal line is not associated with either the auxiliary or console port. You can address either a single line or a consecutive range of lines. The router has five virtual terminal lines by default. However, you can create additional virtual terminal lines as described in the next section.

To configure virtual terminal line parameters, at Step 2 in the preceding task you would enter the following:

Router (config)# line vty line-number [ending-line-number]

Configuring the console port or virtual terminal lines allows you to perform such tasks as setting communication parameters, specifying autobaud connections, and configuring terminal operating parameters for the terminal you are using. These tasks are described later in this chapter.

Create Additional Virtual Terminal Lines

The line vty command accepts a line number larger than 5 (up to the maximum allowed on that router with its current configuration). The router dynamically creates all of the new virtual terminal lines between the current highest-numbered line and the number you specify. You can then configure those lines with additional line configuration commands.

See the section "Creating Additional Virtual Terminal Lines Example" at the end of this chapter for an example of how to add virtual terminal lines.

Eliminate Virtual Terminal Lines

To delete virtual terminal lines, perform the following task:

Task Command
Step 1 At the privileged EXEC prompt, enter configuration mode from the terminal. configure1
[terminal] <CR>
Step 2 From global configuration mode, delete virtual terminal lines. no line vty line-number

1 This command is documented in the "System Image, Microcode Image, and Configuration File Load Commands" chapter in the Router Products Command Reference publication.

The router deletes the line number and all virtual terminal line numbers above that number.

You cannot delete virtual terminal lines that are in use; attempting to do so results in a warning message. Virtual terminal lines should be deleted on an idle system only. See the section "Eliminating Virtual Terminal Lines Example" at the end of this chapter for an example of how to eliminate virtual terminal lines.

Absolute versus Relative Line Numbers

Entering the line command with the optional type keyword (aux, con, or vty) designates the line number as a relative line number. You also can enter the line command without the optional type keyword. In this case, the line number is treated as an absolute line number. Absolute line numbers increment consecutively and can be difficult to manage on large systems. Relative line numbers are a shorthand process used in configuration. Internally, the router uses absolute line numbers. You cannot use relative line numbers everywhere, but you can use absolute line numbers everywhere.

The software keeps a table of absolute and relative line numbers that you can display with the EXEC command show users all. A sample display follows:

Line User Host(s) Idle Location 0 con 0 1 aux 0 2 vty 0 incoming 0 SERVER.COMPANY.COM 3 vty 1 4 vty 2 5 vty 3 6 vty 4

Absolute line numbers are listed at the far left in the preceding example. Relative line numbers are in the third column, after the line type. In this example, the second virtual terminal line, line vty 1, is absolute line number 3.

To leave line configuration mode, enter another global configuration command or Ctrl-Z.

Set Communication Parameters

The router supplies default serial communication parameters for terminal and other serial device operation. You can change these parameters as necessary to meet the requirements of the terminal or host to which you are attached. To do so, perform one or more of the following tasks in line configuration mode:

Task Command
Set the line speed. Choose from line speed, transmit speed, or receive speed. Speed applies to the auxiliary port only. speed bps
txspeed bps
rxspeed bps
Set the data bits. databits {5 | 6 | 7 | 8}
Set the stop bits. stopbits {1 | 1.5 | 2}
Set the parity bit. parity {none | even | odd | space | mark}

Configure Automatic Baud Detection

You can configure a terminal to automatically detect the baud rate being used over an asynchronous serial line. This command applies to the auxiliary port only. To set up automatic baud detection, perform the following task in line configuration mode:

Task Command
Set the terminal to automatically detect the baud rate. autobaud

To start communications using automatic baud detection, type multiple Returns at the terminal. A 600-, 1800-, or 19200-baud line requires three Returns to detect the baud rate. A line at any other baud rate requires only two Returns. If you type extra Returns after the baud rate is detected, the EXEC simply displays another system prompt.

Configure Flow Control for Communications

On the auxiliary port, you can set both hardware and software flow control between the router and devices attached to it. Both types of flow control are bidirectional. When you specify software flow control, an additional keyword specifies the direction: in causes the router to listen to flow control from the attached device, and out causes the router to send flow control information to the attached device. If you do not specify a direction, the router enables software flow control in both directions.

For software flow control, the default stop and start characters are Ctrl-S and Ctrl-Q (XOFF and XON), respectively. However, you can define characters or character sequences that signal the start and end of data transmission when software flow control is in effect. This capability is useful for providing control of data over the serial line.

You can also specify hardware flow control. For information about setting up the RS-232 line, see the hardware installation and maintenance manual for your product.

To configure flow control between the router and attached device, perform one or more of the following tasks in line configuration mode:

Task Command
Set the terminal flow control. flowcontrol {none | software [in | out] | hardware [in | out]}
Set the flow control start character. start-character ascii-number
Set the flow control stop character. stop-character ascii-number

Define a Command String for Automatic Execution

You can set up a command or string of commands that will automatically execute upon connection to another host. Any appropriate EXEC command and any switch or host name that occurs with the EXEC command are allowed. To do so, perform the following task in line configuration mode:

Task Command
Define a command or string of commands to be automatically executed. autocommand command

Create Packet Dispatch Sequences

The router supports configuration of dispatch sequences. You can set up dispatch characters that allow packets to be buffered, then transmitted upon receipt of a character. These characters are useful on an auxiliary port only, and then only if you have some special-purpose device hooked up.

To configure a dispatch sequence, perform one or both of the following tasks as needed for your particular system in line configuration mode:

Task Command
Define one or more characters that trigger packet transmission for a particular line. dispatch-character ascii-number1
[ascii-number2 . . . ascii-number]
Set the dispatch timer. dispatch-timeout milliseconds

Specify the Transport Protocol for a Specific Line

You can selectively specify the protocols allowed on individual lines. You can set the protocol for incoming and outgoing connections and change the default (preferred) protocol for a line. The default transport protocol is Telnet.

Selecting which command to use is determined by whether it is for incoming or outgoing connections or is being used as a default (preferred) selection.

Perform one or more of the following tasks in line configuration mode to specify transport protocols:

Task Command
Define which protocols can be used to connect to a specific line of the router. transport input {mop telnet | none}
Determine the protocols that can be used for outgoing connections from a line. transport output {telnet | none}
Specify the protocol for the router to use if the user did not specify a protocol. transport preferred telnet
Prevent errant connection attempts. transport preferred none

The system accepts a host name entry at the EXEC system prompt as a Telnet command. If you mistype the host name, the system interprets the entry as an incorrect Telnet command and provides an error message indicating that the host does not exist. The transport preferred none command disables this option so that if you mistype a command at the EXEC prompt, the system will not attempt to make a Telnet connection.

Establish Terminal Session Limits

You can control terminal sessions in high traffic areas to provide resources for all users. To do so, perform one or both of the following tasks in line configuration mode:

Task Command
Set the maximum number of sessions. session-limit session-number
Set the idle session timeout interval. session-timeout minutes [output]

Set Up Modem Control on the Auxiliary Port

You can configure modem control on the auxiliary port of the router. The auxiliary port is a standard RS-232-C DB-25 connector. Its output signals are Transmit Data (TXDATA), Data Terminal Ready (DTR), and Request To Send (RTS). The input signals are Receive Data (RXDATA), Clear to Send (CTS), RING, and Carrier Detect (CD).

You can perform the following modem control procedures on the router:

State diagrams accompany some of the tasks in the following sections to illustrate how the modem control works. The diagrams show two processes:

In the diagrams, the current signal state and the signal the line is watching are listed inside each box. The state of the line (as displayed by the EXEC command show line) is listed next to the box. Events that change that state appear in italics along the event path, with actions that the software takes described within the ovals.

Figure 4-1 illustrates line behavior when no modem control is set. The DTR output is always high, and CTS and RING are completely ignored. The router creates an EXEC when the user types the activation character. Incoming TCP connections occur instantly if the line is not in use and can be closed only by the remote host.




Figure 4-1: EXEC and Daemon Creation on a Line with No Modem Control

Configure Automatic Dialing

With the dial-up capability, you can set a modem to automatically dial the phone number of a remote router. This feature offers cost savings because phone line connections are made as needed. You only pay for using the phone line when there is data to be received or sent. To configure a line for automatic dialing, perform the following task in line configuration mode:

Task Command
Configure a line to initiate automatic dialing. modem dtr-active

Close Modem Connections

You can configure a line to close connections from a user's terminal when the terminal is turned off, and prevent inbound connections to devices that are out of service. To do so, perform the following task in line configuration mode:

Task Command
Configure a line to close connections. modem cts-required

Figure 4-2 illustrates the modem cts-required process. This form of modem control requires that CTS be high throughout the use of the line. If CTS is not high, the user's typed input is ignored and incoming connections are refused (or step to the next line in a rotary group).


Note In order for a router to reliably detect a CTS signal change, the signal must remain in the new state for at least one full second.




Figure 4-2: EXEC and Daemon Creation on a Line Configured for Continuous CTS

Automatically Answer a Modem

You can configure a line to automatically answer a modem. You would also configure the modem to answer the telephone on its own as long as DTR is high, drop connections when DTR is low, and use its Carrier Detect (CD) signal to accurately reflect the presence of carrier (configuring the modem is a modem-dependent process). Wire the modem's CD signal (generally pin-8) to the router's RING input pin-22), and perform the following task in line configuration mode:

Task Command
Configure a line to automatically answer a modem. modem ri-is-cd

You can turn on the modem's hardware flow control independently to act on the status of the router's CTS input. Wire CTS to whatever signal the modem uses for hardware flow control. If the modem expects to control hardware flow in both directions, you might also need to wire the modem's flow control input to some other signal that the router always has high (such as DTR).

Figure 4-3 illustrates the modem ri-is-cd process. When the router detects a signal on the RING input of an idle line, it starts an EXEC or autobaud process on that line. If the RING signal disappears on an active line, the router closes any open network connections and terminates the EXEC. If the user exits the EXEC or the router terminates it because of no user input, the line hangs up the modem by lowering the DTR signal for five seconds. After five seconds, the modem is ready to accept another call.




Figure 4-3: EXEC Creation on a Line Configured for a High-Speed Dial-up Modem

Support a Dial-In Modem

The router supports dial-in modems that use DTR to control the off-hook status of the telephone line. Perform the following task in line configuration mode to configure the line to support this feature:

Task Command
Configure a line for a dial-in modem. modem callin

Figure 4-4 illustrates the modem callin process. When a modem dialing line is idle, it has DTR in a low state and waits for a transition to occur on the RING input. This transition causes the line to raise DTR and start watching the CTS signal from the modem. After the modem raises CTS, the router creates an EXEC on the line. If the timeout interval (set with the modem answer-timeout command) passes before the modem raises CTS, the line lowers DTR and returns to the idle state.




Figure 4-4: EXEC Creation on a Line Configured for Modem Callin
Note The modem callin and modem cts-required line configuration commands are useful for SLIP operation. These commands ensure that when the line is hung up or CTS drops, the line reverts from SLIP mode to normal interactive mode. These commands do not work if you use the async dedicated command to put the line in network mode permanently.

Although you can use the modem callin line configuration command with newer modems, the modem ri-is-cd line configuration command described earlier in this section is more appropriate. The modem ri-is-cd command frees up CTS for hardware flow control. Modern modems do not require the assertion of DTR to take a phone line off-hook.

Support Reverse Modem Connections and Prevent Incoming Calls

The router supports ports connected to computers that are to be connected to modems. You can configure the router to behave somewhat like a modem by performing the following task in line configuration mode. This command also prevents incoming calls.

Task Command
Configure a line for reverse connections and prevent incoming calls. modem callout

Figure 4-5 illustrates the modem callout process. When the router receives an incoming connection, it raises DTR and waits to see if the CTS becomes high as an indication that the host has noticed its signal. If the host does not respond within the interval set with the modem answer-timeout subcommand, the router lowers DTR and drops the connection.




Figure 4-5: Daemon Creation on a Line Configured for Modem Callout

Support Dial-In and Dial-Out Modems

You can configure a line for both incoming and outgoing calls by performing the following task in line configuration mode:

Task Command
Configure a line for both incoming and outgoing calls. modem in-out

Figure 4-6 illustrates the modem in-out process. If the line is activated by raising RING, it behaves exactly as a line configured with the modem ri-is-cd subcommand described earlier. If the line is activated by an incoming TCP connection, the line behaves similarly to a nonmodem line.




Figure 4-6: EXEC and Daemon Creation on a Line Configured for Incoming and Outgoing Calls
Note If your system incorporates dial-out modems, consider using access lists to prevent unauthorized use.

Configure a Line Timeout Interval

You can change the interval that the router waits for CTS after raising DTR in response to RING from the default of 15 seconds. To do so, perform the following task in line configuration mode. The timeout applies to the modem callin command only.

Task Command
Configure modem line timing. modem answer-timeout seconds

Configure Rotary Groups

Connections can be made to the next free line in a group of lines, also called a rotary or hunt group. A line can be in only one rotary group; a rotary group can consist of a single line or several contiguous lines. The console line (line 0) cannot be in a rotary group.

You might want to assign the rotary with the single auxiliary port line, because the auxiliary port is not necessarily the same line number on all hardware. By putting it in a rotary group, you do not have to track the actual line number. Another reason to use a rotary group is that if the device supports LAT, an inbound service can only be bound to a rotary group; it cannot be bound to a port number.

To configure a rotary group, perform the following task in line configuration mode:

Task Command
Add a line to the specified rotary group. rotary group

Configure Automatic Line Disconnect

You can configure automatic line disconnect by performing the following task in line configuration mode:

Task Command
Configure automatic line disconnect. autohangup

The command causes the EXEC to issue the exit command when the last connection closes. This feature is useful for UNIX UUCP applications that require this behavior, because UUCP scripts cannot issue the command that hangs up the telephone.

Configure High-Speed Modem Support

Dial-up modems that operate over normal dial-up telephone lines at speeds of 9600 bits per second and higher are now available. These modems do not operate at a guaranteed throughput; instead, they operate at a speed dependent on the quality of the line, the effectiveness of data compression algorithms on the data being transmitted, and other variables. These modems use hardware flow control to stop the data from reaching the host by toggling an RS-232 signal when they cannot accept any more.

In addition to hardware flow control, dial-up modems require special software handling. For example, they must be configured to create an EXEC when a user dials in and to hang up when the user exits the EXEC. These modems must also be configured to close any existing network connections if the telephone line hangs up in the middle of a session.

Your router supports hardware flow control on its CTS input, which is also used by the normal modem handshake.

Perform the following tasks to configure and use a high-speed modem:

Task Command
Step 1 In line configuration mode, enable outgoing hardware flow control based on the CTS input. flowcontrol hardware
Step 2 In EXEC mode, display informational messages about modem control events, such as signal transitions and autobaud progress, on the console terminal. debug modem1
Step 3 In EXEC mode, display the status of a line. In the detailed command output, a Status line with "Idle" identifies inactive modem ri-is-cd lines and all other modem lines; a Status line with "Ready" identifies lines in use. show line2
Step 4 In EXEC mode, close all the connections on a line and hang up the modem. clear line

1 This command is documented in the Debug Command Reference publication.
2 This command is documented in the "User Interface Commands" chapter in the Router Products Command Reference publication.

Configure Chat Scripts for Asynchronous Lines

Chat scripts are strings of text used to send commands for modem dialing, logging onto remote systems, and for initializing asynchronous devices connected to the line. On a router, chat scripts can be configured on the auxiliary port only. A chat script must be defined for dialing out on asynchronous lines.

You can configure chat scripts manually, or you can configure a line so that chat scripts are executed in response to specific events on a line, with each script activated in response to a different event. These events can include the following:

To use a chat script, perform the following steps:

Step 1 Create a chat script.

Step 2 Configure the line so that a chat script is activated when a specific event occurs, or start a chat script manually.

Create a Chat Script

To define a chat script, perform the following task in global configuration mode:

Task Command
Create a script that will place a call on a modem, log on to a remote system, or initialize an asynchronous device on a line. chat-script script-name expect send...1

1 This command is documented in the "DDR Commands" chapter of the Router Products Command Reference publication.

A limited list of keywords are supported along with expect/send pairs. Send strings can have special escape modifiers.

For an example of how to write scripts, refer to configuration examples in the DDR chapter.

It is recommended that one chat script (a "modem" chat script) be written for placing a call and another chat script (a "system" or "login" chat script) be written to log onto remote systems, where required.

When you create a script name, you should include the modem vendor, type and modulation separated by hyphens. For example, if you have a Telebit t3000 modem that uses V.32bis modulation, your script name would be telebit-t3000-v32bis.

Configure the Line to Activate Chat Scripts

Chat scripts can be activated by any of five events, each corresponding to a different version of the script line configuration command. To start a chat script manually at any point, refer to the section "Start a Chat Script Manually."

To define a chat script to start automatically when a specific event occurs, perform the following tasks in line configuration mode:

Task Command
Start a chat script on a line when the line is activated (every time a command EXEC is started on the line). script activation regexp1
Start a chat script on a line when a network connection is made to the line. script connection regexp
Specify a modem script for DDR on a line. script dialer regexp2
Start a chat script on a line whenever the line is reset. script reset regexp
Start a chat script on a line whenever the system is started up. script startup regexp

1 The argument regexp is a regular expression that is matched to a script name that has already been defined using the chat-script command.
2 To use a chat script for dial-on-demand routing (DDR), refer to "Specify Chat Scripts for DDR" in the chapter "Configuring DDR."

Start a Chat Script Manually

You can start a chat script manually on any line that is currently not active by performing the following task in privileged EXEC mode:

Task Command
Start a chat script manually on any asynchronous line. start-chat regexp [aux 0 [dialer-string]]

If you do not specify the line number, the script runs on the current line. If the line specified is already in use, you cannot start the chat script. A message appears indicating that the line is already in use.

Support Reverse TCP Connections

In addition to initiating connections, the router can receive incoming connections on the auxiliary port. This capability allows you to attach serial printers, modems, and other shared peripherals to the router and drive them remotely from other systems. The router supports reverse TCP connections.

The specific TCP port or socket to which you attach the peripheral device determines the type of service the router provides on that line. When you attach the serial lines of a computer system or a data terminal switch to the auxiliary port of the router, the router acts as a network front end for a host that does not support the TCP/IP protocols. This arrangement is sometimes called front-ending or reverse connection mode.

To connect the auxiliary port, the remote host or terminal must specify a particular TCP port on the router. If Telnet protocols are required, that port is 2000 (decimal) plus the decimal value of the line number.

If a raw TCP stream is required, the port is 4000 (decimal) plus the decimal line number. The raw TCP stream is usually the required mode for sending data to a printer.

The Telnet protocol requires that carriage return characters be translated into carriage return and linefeed character pairs. You can turn this translation off by specifying the Telnet binary mode option. To specify this option, connect to port 6000 (decimal) plus the decimal line number.

Define Terminal Operation Characteristics

In line configuration mode, you can set terminal operation characteristics that will be in operation for that line until the next time you change the line parameters.

Alternatively, you can temporarily change the line settings with the terminal EXEC commands provided in the Cisco Access Connection Guide.

You can define the following terminal operation characteristics:

Specify the Terminal Type

You can specify the type of terminal connected to a line. This feature has two benefits: it provides a record of the type of terminal attached to a line, and it can be used in Telnet terminal negotiations to inform the remote host of the terminal type for display management. To specify the terminal type, perform the following task in line configuration mode:

Task Command
Specify the terminal type. terminal-type terminal-name

Set the Terminal Screen Length and Width

By default, the router provides a screen display of 24 lines by 80 characters. You can reconfigure these values if they do not meet the needs of your terminal by performing the following tasks in line configuration mode:

Task Command
Set the screen length. length screen-length
Set the screen width. width characters

The values set can be learned by some host systems that use this type of information in terminal negotiation. Set a value of zero for the screen length to disable pausing between screens of output.

Define Escape Character and Other Key Sequences

You can define or modify the default key sequences to execute functions for system escape, terminal activation, disconnect, and terminal pause. To define or change the default sequence, perform one or more of the following tasks in line configuration mode:

Task Command
Change the system escape sequence. The escape sequence indicates that the codes that follow have special meaning. The default sequence is Ctrl-^. escape-character ascii-number
Define a session activation sequence or character. Typing this sequence at a vacant terminal begins a terminal session. The default key is Return. activation-character ascii-number
Define the session disconnect sequence or character. Typing this sequence at a terminal ends the session with the router. There is no default sequence. disconnect-character ascii-number
Define the hold sequence or character that causes output to the terminal screen to pause. There is no default sequence. To continue the output, type any character after the hold character. To use the hold character in normal communications, precede it with the escape character. hold-character ascii-number

You can reinstate the default value for the escape character or activation character by using the no form of the command. For example, issuing the no escape-character line configuration command returns the escape character to Ctrl-^.

Specify the International Character Display

You can use a 7-bit character set (such as ASCII) or you can enable a full 8-bit international character set (such as ISO 8859) to allow special graphical and international characters for use in banners and prompts. To specify a character set on a global basis, perform one or both of the following tasks in global configuration mode:

Task Command
Specify the character set used in EXEC and configuration command characters. default-value exec-character-bits {7 | 8}
Specify the character set used in special characters such as software flow control, hold, escape, and disconnect characters. default-value special-character-bits {7 | 8}

To specify a character set based on hardware, software, or on a per-line basis, perform the appropriate task in line configuration mode, as follows:

Task Command
Set the number of databits per character that are generated and interpreted by hardware. databits {5 | 6 | 7 | 8}
Set the number of databits per character that are generated and interpreted by software. data-character-bits {7 | 8}
Specify the character set used in EXEC and configuration command characters on a per-line basis. exec-character-bits {7 | 8}
Specify the character set used in special characters such as software flow control, hold, escape, and disconnect characters on per-line basis. special-character-bits {7 | 8}

Setting the EXEC character width to eight bits can cause failures. For example, if a user on a terminal that is sending parity enters the command help, an "unrecognized command" message appears because the system is reading all eight bits, although the eighth bit is not needed for the help command.

Set Character Padding

You can change the character padding on a specific output character. Character padding adds a number of null bytes to the end of the string and can be used to make a string an expected length for conformity. To set character padding, perform the following task in line configuration mode:

Task Command
Set padding on a specific output character for the specified line. padding ascii-number count

Disable Enhanced Editing Mode

To disable enhanced editing mode and revert to the editing mode of previous software releases, perform the following task in line configuration mode:

Task Command
Disable the enhanced editing features for a particular line. no editing1

1 This command is documented in the "User Interface Commands" chapter of the Router Products Command Reference.

You might disable enhanced editing if you have prebuilt scripts, for example, that do not interact well when enhanced editing is enabled. You can reenable enhanced editing mode with the editing command.

Set a Terminal-Locking Mechanism

You can enable a terminal-locking mechanism that allows a terminal to be temporarily locked by performing the following task in global configuration mode:

Task Command
Enable a temporary terminal locking mechanism. lockable

After you configure the line as lockable, you must still issue the lock EXEC command to lock the keyboard.

Dedicate a Line to a Particular User

By default, user-set terminal parameters are cleared with the EXEC command exit or when the interval set with the exec-timeout line configuration command has passed. However, you can configure a line so that user-set terminal parameters are saved between sessions by performing the following task in line configuration mode:

Task Command
Configure a line so that the terminal parameters the user sets remain in effect between terminal sessions. private

Provide Line Connection Information after the Login Prompt

You can provide the host name, line number, and location each time an EXEC is started or an incoming connection is made. The line number banner appears immediately after the EXEC banner or incoming banner. It is useful for tracking problems with modems because it lists the host and line for the modem connection. Modem type information is also included if applicable.

To provide service line number information, perform the following task in global configuration mode:

Task Command
Provide service line number information after the EXEC or incoming banner. service linenumber

Enable Password Checking at Login

You can enable password checking on a particular line so that the user is prompted to enter a password at the system login screen. You must then also specify a password. Perform the following tasks in line configuration mode:

Task Command
Step 1 Enable password checking on a per-line basis using the password specified with the password command. login
Step 2 Assign a password to a particular line. password password

You can enable password checking on a per-user basis, in which case authentication is based on the username specified with the username global configuration command, as described in the "Managing the System" chapter. To enable this type of password checking, perform one of the following tasks in line configuration mode:

Task Command
Enable password checking on a per-user basis using the username and password specified with the username global configuration command. login local
Select the TACACS-style user ID and password-checking mechanism login tacacs

By default, virtual terminals require passwords. If you do not set a password for a virtual terminal, it will respond to attempted connections by displaying an error message and closing the connection. Use the no login command to disable this behavior and allow connections without a password.

For examples of password checking, see the configuration examples at the end of this chapter.

For other access control tasks and password restrictions, including the enable password global configuration command that restricts access to privileged mode, see the "Managing the System" chapter.

Create Packet Dispatch Sequences

The router supports configuration of dispatch sequences. You can set up dispatch characters that allow packets to be buffered, then transmitted upon receipt of a character. These characters are useful on an aux port only, and then only if you have some special-purpose device hooked up.

Perform the following tasks in line configuration mode, as needed for your particular system needs:

Task Command
Define one or more characters that trigger packet transmission for the current terminal session. dispatch-character ascii-number1 [ascii-number2 . . . ascii-number]
Set the dispatch timer for the current terminal session. dispatch-timeout milliseconds

Configure Terminal Banner Messages

You can configure the following types of messages that will be displayed to users of terminals connected to the router:

You can also turn on or off message display.

The following sections explain how to configure these messages and how to suppress display of message-of-the-day and line activation banners.

Configure a MOTD Banner

You can configure a message of the day to be displayed on all connected terminals. This message is displayed at login and is useful for sending messages that affect all network users, such as impending system shutdowns. To do so, perform the following task in global configuration mode:

Task Command
Configure a message-of-the-day banner. banner motd d message d

Configure a Line Activation Message

You can configure a line activation message to be displayed when an EXEC process such as line activation or incoming connection to a virtual terminal is created. To do so, perform the following task in global configuration mode:

Task Command
Configure a message to be displayed on terminals with an interactive EXEC. banner exec d message d

Configure an Incoming Message Banner

You can configure a message to be displayed on terminals connected to reverse Telnet lines. This message is useful for providing instructions to users of these types of connections. Reverse Telnet connections are described in more detail in the section "Support Reverse TCP Connections" earlier in this chapter.

To configure the message that will be sent on incoming connections, perform the following task in global configuration mode:

Task Command
Configure messages to display on terminals connected to reverse Telnet lines. banner incoming d message d

Configure an Idle Terminal Message

You can configure messages to be displayed on a console or terminal not in use. Also called a vacant message, this message is different from the banner message displayed when an EXEC process is activated. To configure an idle terminal message, perform the following task in line configuration mode:

Task Command
Display an idle terminal message. vacant-message [d message d]

Enable or Disable the Display of Messages

You can control display of the MOTD and line activation banners. By default, these banners are displayed on all lines. To suppress or reinstate the display of such messages, perform one of the following tasks in line configuration mode:

Task Command
Suppress banner display. no exec-banner
Reinstate the display of the EXEC or MOTD banners. exec-banner

Configure Telnet Capabilities

Telnet, a virtual terminal protocol that is part of the Transmission Control Protocol/Internet Protocol (TCP/IP) protocol suite, allows for connections to hosts. You can configure a line to support the Telnet capabilities described in the following sections:

Each item is described in a following section.

Generate a Hardware Break Signal

A hardware Break signal is generated when a Telnet Break command is received. You can configure the router to also generate a Break on Interrupt process command. To enable the system to generate a hardware Break signal on the RS-232 line that is associated with a reverse Telnet connection, complete the following task in line configuration mode:

Task Command
Set the system to generate a hardware Break signal. telnet break-on-ip

This capability is useful because several user Telnet programs can send an Interrupt Process command but cannot send a Telnet Break signal, while other programs implement a Break signal that sends an Interrupt Process command. RS-232 devices use the hardware Break signal for various purposes.

Suppress Telnet Remote Echo and Go-Ahead Options

You can cause Telnet to refuse to negotiate full-duplex, remote echo options on incoming connections. Use the following command on reverse Telnet connections to allow the router to refuse these requests from the other end. This command suppresses negotiation of the Telnet Remote Echo and Suppress Go-Ahead options. Perform the following task in line configuration mode:

Task Command
Set a line to refuse to negotiate full-duplex, remote echo options. telnet refuse-negotiations

Negotiate Speed

To allow the line to negotiate a bit rate on incoming connections, perform the following task in line configuration mode:

Task Command
Set the line to negotiate speeds on incoming connections. telnet speed default-speed maximum-speed

The router uses the default speed if the connected device does not specify a speed. The maximum speed is the highest speed the router will use.

Send a Telnet Synchronize Signal

To cause an incoming connection to send a Telnet synchronize signal when it receives a Telnet Break signal, complete the following task in line configuration mode:

Task Command
Cause an incoming connection to send a Telnet synchronize signal when it receives a Telnet Break signal. telnet sync-on-break

This capability is used very rarely to ensure the ordering of Break reception with respect to data characters sent after the Break signal.

Set End-of-Line Control

To configure the router to send a carriage return (CR) as a CR followed by a NULL instead of a CR followed by a line feed (LF), complete the following task in line configuration mode:

Task Command
Send a CR followed by a NULL instead of a LF. telnet transparent

This capability is useful for coping with different interpretations of end-of-line handling in the Telnet protocol specification.

Define Telnet Connection Failure and Success Messages

You can define a message that is displayed when a Telnet connection to a specified host fails or succeeds. To do so, perform one or both of the following tasks in global configuration mode:

Task Command
Define a message that the router displays whenever an attempt to connect to the specified host fails. busy-message hostname d message d
Define a message that the router displays whenever an attempt to connect to the specified host succeeds. login-string hostname d message [%secp] [%secw] [%b] d

With the login-string options, you can set a pause, prevent a user from issuing commands during a pause, send a Break character, and use a percent sign in the login string.

Record the Device Location

You can record the location of a serial device by performing the following task in line configuration mode. The text provided for the location appears in the output of the EXEC monitoring commands.

Task Command
Record the location of a serial device. location text

Set Pending Output Notification

You can set up a line to inform a user who has multiple, concurrent Telnet connections when output is pending on a connection other than the current one. To do so, perform the following task in line configuration mode:

Task Command
Set up a line to notify a user of pending output. notify

Refuse a Connection

You can define a "line-in-use" message to indicate that the line is currently busy by performing the following task in line configuration mode:

Task Command
Define a "line-in-use" message. refuse-message d message d

Establish and Control the EXEC Process

By default, the router starts an EXEC process on all lines; however, commands are available to control EXEC processes, as follows:

When you want to allow an outgoing connection only for a line, use the no exec command. When a user tries to use a line with the EXEC off, the user will get no response when pressing the Return key at the login screen.
The EXEC command interpreter waits for a specified interval of time until the user starts input. If no input is detected, the EXEC resumes the current connection, or if no connections exist, it returns the terminal to the idle state and disconnects the incoming session.

To control the EXEC as stated above, perform the following tasks in line configuration mode:

Task Command
Turn the EXEC on or off. exec or no exec
Set the idle terminal timeout interval. exec-timeout minutes [seconds]

Display Debug Messages on the Terminal

The EXEC provides the ability to display debug command output and system error messages on the current terminal. To enable this feature, perform the following task in EXEC mode:

Task Command
Display debug command output and system error messages on the current terminal. terminal monitor1

1 This command is documented in the Cisco Access Connection Guide.

Refer to the Debug Command Reference publication for details on debug commands and output.

Configuration Examples

The following sections provide line configuration examples:

Line Configuration Example

In the following example, the user configures console line 0, virtual terminal lines 0 through 4, and auxiliary line 0:

line vty 0 4 login line con 0 password george line aux 0 password Mypassword no exec access-class 1 in speed 19200 line vty 0 exec-timeout 0 0 password Mypassword line vty 1 exec-timeout 0 0 password Mypassword line vty 2 exec-timeout 0 0 password Mypassword line vty 3 password Mypassword line vty 4 password Mypassword

Creating Additional Virtual Terminal Lines Example

In the following example, the user creates and configures the maximum 100 virtual terminal lines with the "no login" feature:

line vty 0 99 no login

Eliminating Virtual Terminal Lines Example

In the following example, the user eliminates virtual terminal line number 5 and all higher-numbered virtual terminal lines. Only virtual terminal lines 0 to 4 will remain.

no line vty 5

Banner Message Example

Suppose you want a message explaining that the server is going to be reloaded with new software. The following example shows how to use the banner global configuration command and
no exec-banner line configuration command to notify your users:

! Both messages are inappropriate for the VTYs. line vty 0 4 no exec-banner ! banner exec / This is Cisco Systems training group router. Unauthorized access prohibited. / ! banner incoming / You are connected to a Hayes-compatible modem. Enter the appropriate AT commands. Remember to reset anything to change before disconnecting. / ! banner motd / The router will go down at 6pm for a software upgrade /

Password Checking Examples

The following example shows password checking enabled for a virtual terminal line 1:

line vty 1 login password letmein

The following example shows password checking enabled on a user basis:

username jksmith password 0 letmein username lmjones password 0 littlerock ... line vty 1 login local


hometocprevnextglossaryfeedbacksearchhelp
Copyright 1989-1997 © Cisco Systems Inc.