Configuring Terminal Operating Characteristics for Dial-In Sessions
This chapter describes how to set operating characteristics for remote terminal service connections. It includes the following main sections:
For a complete description of the terminal characteristic commands in this chapter, refer to the Cisco IOS Terminal Services Command Reference, Release 12.2. To locate documentation of other commands that appear in this chapter, use the command reference master index or search online.
To identify the hardware platform or software image information associated with a feature, use the Feature Navigator on Cisco.com to search for information about the feature or refer to the software release notes for a specific release. For more information, see the “Identifying Supported Platforms” section in the “Using Cisco IOS Software” chapter.
Selecting a Preferred Connection Protocol
Your first task is to select a preferred connection protocol, then configure the appropriate communication parameters. The preferred transport type is your preferred connection protocol. To configure the router to support specific protocols, perform the tasks described in the following sections:
Specifying the Transport Protocol
Use the transport preferred command to specify which transport protocol is used on connections. Use the transport input and transport output commands to explicitly specify the protocols allowed on individual lines for both incoming and outgoing connections.
Note Cisco routers do not accept incoming network connections to asynchronous ports (TTY lines) by default. You must specify an incoming transport protocol before the line will accept incoming connections. For example, if you are using your router as a terminal server to make console-port connections to routers or other devices, you will not be able to use Telnet to connect to these devices. You will receive the message “Connection Refused.”
For routers that support the Digital local-area transport (LAT) protocol, the default protocol for outgoing connections is LAT. For those that do not support LAT, the default protocol for outgoing connections is Telnet. For incoming connections, all the supported network protocols are accepted.
To specify transport protocols, use one or more of the following commands in line configuration mode:
|
|
Router(config-line)# transport input { lat | mop | nasi | none | pad | rlogin | ssh | telnet | v120 } |
Defines which protocols can be used to connect to a specific line. |
Router(config-line)# transport output { lat | mop | nasi | none | pad | rlogin | telnet | v120 } |
Determines the protocols that can be used for outgoing connections from a line. |
Router(config-line)# transport preferred { lat | mop | nasi | pad | rlogin | telnet | v120 } |
Specifies the protocol for the router to use if the user did not specify a protocol. |
Router(config-line)# transport preferred none |
Prevents errant connection attempts. |
The IOS software accepts a host name entry at the EXEC system prompt as a Telnet command. If you enter the host name incorrectly, the router interprets the entry as an incorrect Telnet command and provides an error message indicating that the host does not exist. The transport preferred none command disables this option so that if you enter a command incorrectly at the EXEC prompt, the software does not attempt to make a Telnet connection to a host that it cannot find.
The transport preferred command setting specifies a search order when attempting to resolve names that might be valid for multiple protocols. If the address or service does not match the preferred protocol, all other valid output protocols are searched to find a valid match.
Specifying a Local Transport Protocol
You can configure the Cisco IOS software to save local parameters between sessions. These local parameters are set with terminal EXEC commands.
To specify the preferred protocol to use for the current session when a command does not specify one, use the following command in EXEC mode:
|
|
Router> terminal transport preferred { lat | mop | nasi | none | pad | rlogin | telnet | v120 } |
Specifies the protocol for the Cisco IOS software to use for the current session if the user did not specify a protocol. |
The preferred transport type is your preferred connection protocol. This setting specifies a protocol search order that the Cisco IOS software uses when it attempts to resolve a device name that you enter, but you do not specify a connection protocol. For example, if you want to connect to a TCP/IP host named host1 and want to use Telnet, you enter the telnet host1 command. However, if your preferred connection protocol is set to Telnet, you could enter only the host1 argument and be connected to the device. A host name might be valid for multiple protocols. If the address or service does not match the preferred protocol, all other valid connection protocols are searched to find a valid match for the name.
For router software images that support LAT, the default protocol for outgoing connections is LAT. For router software images that do not support LAT, the default protocol for outgoing connections is Telnet. For incoming connections, all the supported network protocols are accepted.
The Cisco IOS software accepts a host name entry at the EXEC prompt as a Telnet command. If you enter the host name incorrectly, the Cisco IOS software interprets the entry as an incorrect Telnet command and provides an error message indicating that the host does not exist. The transport preferred none command disables this option so that if you enter a command incorrectly at the EXEC prompt, the Cisco IOS software does not attempt to make a Telnet connection.
Configuring Communication Parameters for Terminal Ports
To configure communication parameters, perform the tasks described in the following sections:
Configuring Sessions on a Line
The Cisco IOS software supplies the following default serial communication parameters for terminal and other serial device operation:
- 9600 bits per second (bps) line speed
- 8 data bits
- 2 stop bits
- No parity bit
To change the default parameters as necessary to meet the requirements of the terminal or host to which you are connected, use any of the following commands in line configuration mode:
|
|
Router(config-line)# speed bps or Router(config-line)# txspeed bps or Router(config-line)# rxspeed bps |
Sets the line speed. Choose from line speed, transmit speed, or receive speed. |
Router(config-line)# databits { 5 | 6 | 7 | 8 } |
Sets the data bits. |
Router(config-line)# stopbits { 1 | 1.5 | 2 } |
Sets the stop bits. |
Router(config-line)# parity { none | even | odd | space | mark } |
Sets the parity bit. |
Configuring Local Session Parameters
To change these parameters as necessary to meet the requirements of the terminal or host to which you are attached, use the following commands in EXEC mode, as needed:
|
|
Router> terminal speed bps or Router> terminal txspeed bps or
Router>
terminal rxspeed
bps
|
Sets the line speed for the current session. Choose from line speed, transmit speed, or receive speed. |
Router> terminal databits { 5 | 6 | 7 | 8 } |
Sets the data bits for the current session. |
Router> terminal stopbits { 1 | 1.5 | 2 } |
Sets the stop bits for the current session. |
Router> terminal parity { none | even | odd | space | mark } |
Sets the parity bit for the current session. |
Changing the Default Privilege Level for Lines
To change the default privilege level for a given line or a group of lines, use the following command in line configuration mode:
|
|
Router(config-line)# privilege level level |
Specifies a default privilege level for a line. |
Enabling Password Checking at Login
You can enable password checking on a particular line so that the user is prompted to enter a password at the system login screen. You must then also specify a password. To do so, use the following commands in line configuration mode:
|
|
|
Step 1 |
Router(config-line)# login |
Enables password checking on a per-line basis using the password specified with the password command. |
Step 2 |
Router(config-line)# password password |
Assigns a password to a particular line. |
You can enable password checking on a per-user basis, in which case authentication is based on the username specified with the username global configuration command. To enable password checking on a per-user basis, use the following commands in line configuration mode:
|
|
|
Step 1 |
Router(config-line)# login local |
Enables password checking on a per-user basis using the username and password specified with the username global configuration command. |
Step 2 |
Router(config-line)# login tacacs or Router(config-line)# login authentication { default | list-name } |
Selects the TACACS style user ID and password-checking mechanism. |
Use the login tacacs command with TACACS and extended TACACS. Use the login authentication command with AAA/TACACS+.
By default, virtual terminals require passwords. If you do not set a password for a virtual terminal, the router displays an error message and closes the attempted connection. Use the no login command to disable this function and allow connections without a password.
For other access control tasks and password restrictions, including the enable password global configuration command that restricts access to privileged mode, see the Cisco IOS Security Configuration Guide, Release 12.2.
Establishing Terminal Session Limits
You might need to control terminal sessions in high-traffic areas to provide resources for all users. You can define the following limitations for terminal sessions:
- The maximum number of sessions
- The session timeout interval
To establish terminal session limits, use the following commands in line configuration mode:
|
|
|
Step 1 |
Router(config-line)# session-limit session-number |
Sets the maximum number of simultaneous sessions. |
Step 2 |
Router(config-line)# session-timeout minutes [ output ] or Router(config-line)# absolute-timeout minutes |
Sets an idle timeout interval on a console or terminal (tty) line. Sets a timeout interval on a virtual terminal (vty) line. |
Step 3 |
Router(config-line)# logout-warning [ seconds ] |
Warns users of impending timeouts set with the absolute-timeout command. |
The session-timeout command behaves slightly differently on virtual (vty) terminals than on physical console, auxiliary (aux), and terminal (tty) lines. When a timeout occurs on a vty, the user session returns to the EXEC prompt. When a timeout occurs on physical lines, the user session is logged out and the line returned to the idle state.
The absolute-timeout command terminates the connection after the specified time period has elapsed, regardless of whether the connection is being used at the time of termination. You can specify an absolute-timeout value for each port. The user is given 20 seconds notice before the session is terminated. You can use this command along with the logout-warning command, which notifies the user of an impending logout.
You can use a combination of the exec-timeout line configuration command, which sets the interval that the EXEC command interpreter waits until user input is detected, and the session-timeout line configuration command, both set to approximately the same values, to get the same behavior from virtual lines that the session-timeout command causes on physical lines.
The absolute-timeout command overrides any timeouts set through the AppleTalk Remote Access (ARA) protocol.
Displaying Line Connection Information After the Login Prompt
You can display the host name, line number, and location of the host each time an EXEC session is started or an incoming connection is made. The line number banner appears immediately after the EXEC banner or incoming banner. This feature is useful for tracking problems with modems because it lists the host and line for the modem connection. Modem type information is also included if applicable.
To provide line information after the login prompt, use the following command in global configuration mode:
|
|
Router(config)# service linenumber |
Provides service line number information after the EXEC banner or incoming banner. |
Any Internet Protocol (IP) addresses used in this document are not intended to be actual addresses. Any examples, command display output, and figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses in illustrative content is unintentional and coincidental.
© 20018 Cisco Systems, Inc. All rights reserved.