Networking

Configure lines and VTYs on Cisco routers

All Cisco routers have two special types of lines, and many Cisco routers have a third. What are these lines, and how do you configure them? These are things that every network admin should know.

All Cisco routers have two special types of lines, and many Cisco routers have a third. What are these lines, and how do you configure them? These are things that every network admin should know.

What are the different types of lines on Cisco routers?

"Lines" on Cisco routers are physical async serial ports on the router (such as a terminal or modem), a virtual network connection, or another type of serial line on the router. To see which lines you have on your router, use the show line command. Here's an example:

Router# show line
   Tty Typ     Tx/Rx    A Modem  Roty AccO AccI   Uses   Noise  Overruns   Int

     0 CTY              -    -      -    -    -      0       0     0/0       -

*   33 TTY  19200/19200 -    -      -    -    -    150     178     0/0       -

    34 TTY  19200/19200 -    -      -    -    -      0       0     0/0       -

    35 TTY  19200/19200 -    -      -    -    -      0       0     0/0       -

    36 TTY  19200/19200 -    -      -    -    -      0       0     0/0       -

    37 TTY  19200/19200 -    -      -    -    -      0       0     0/0       -

    38 TTY  19200/19200 -    -      -    -    -      0       0     0/0       -

    39 TTY  19200/19200 -    -      -    -    -      0     0     0/0       -

    40 TTY  19200/19200 -    -      -    -    -      0       0     0/0       -

    41 TTY   9600/9600  -    -      -    -    -   3083       0     0/0       -

    42 TTY  19200/19200 -    -      -    -    -      0       1     0/0       -

    43 TTY  19200/19200 -    -      -    -    -      5       9     0/0       -

    44 TTY  19200/19200 -    -      -    -    -      0       0     0/0       -

    45 TTY   9600/9600  -    -      -    -    -      0       0     0/0       -

    46 TTY  19200/19200 -    -      -    -    -      0       0     0/0       -

    47 TTY  19200/19200 -    -      -    -    -      0       0     0/0       -

    48 TTY  19200/19200 -    -      -    -    -      0       0     0/0       -

    49 TTY  19200/19200 -    -      -    -    -      0       0     0/0       -

    50 TTY   9600/9600  -    -      -    -    -      0       0     0/0       -

    51 TTY   9600/9600  -    -      -    -    -   1550       1     0/0       -

    52 TTY   9600/9600  -    -      -    -    -      0       0     0/0       -

    53 TTY   9600/9600  -    -      -    -    -     57       0     0/0       -

    54 TTY   9600/9600  -    -      -    -    -   5782       0     0/0       -

    55 TTY   9600/9600  -    -      -    -    -      0       0     0/0       -

    56 TTY   9600/9600  -    -      -    -    -      0       0     0/0       -

    57 TTY   9600/9600  -    -      -    -    -      0       0     0/0       -

    58 TTY   9600/9600  -    -      -    -    -   2117       0     0/0       -

    59 TTY   9600/9600  -    -      -    -    -      0       0     0/0       -

    60 TTY   9600/9600  -    -      -    -    -      0       0     0/0       -

    61 TTY   9600/9600  -    -      -    -    -      0       0     0/0       -

    62 TTY   9600/9600  -    -      -    -    -      0       0     0/0       -

    63 TTY   9600/9600  -    -      -    -    -      0       0     0/0       -

    64 TTY   9600/9600  -    -      -    -    -      0       0     0/0       -

    65 AUX 115200/115200- inout     -    -    -      0       0     0/0       -

*   66 VTY              -    -      -    -    -    439       0     0/0       -

    67 VTY              -    -      -    -    -      2       0     0/0       -

    68 VTY              -    -      -    -    -      0       0     0/0       -

    69 VTY              -    -      -    -    -      0       0     0/0       -

    70 VTY              -    -      -    -    -      0       0     0/0       -

Line(s) not in async mode -or- with no hardware support:

1-32

 

Router#

As you can see from the example, the router has one console line (labeled CTY), one AUX port (labeled AUX), five VTY lines, and 32 TTY lines. Each is a different type of line.

Use the show line summary command to get a cool summary. Here's an example:

Router# show line summary 

        0: ???? ???? ???? ???? ???? ???? ???? ???? ?u??

       36: ???? ?-?- ???? ???- ?—? ??-? ???? ??U- ???

   2 character mode users.           (U)

  62 lines never used                (?)

   2 total lines in use,    1 not authenticated (lowercase)

Router#
To look at the terminal configurations of individual lines, use the show line <parameter> command (even if you aren't connected to that line). Here's an example:
Router# show line console 0
   Tty Typ     Tx/Rx    A Modem  Roty AccO AccI   Uses   Noise  Overruns   Int

     0 CTY              -    -      -    -    -      0       0     0/0       -

Line 0, Location: "", Type: ""

Length: 24 lines, Width: 80 columns

Baud rate (TX/RX) is 9600/9600, no parity, 2 stopbits, 8 databits

Status: Ready

Capabilities: none

Modem state: Ready

Group codes:    0

Modem hardware state: noCTS noDSR  DTR RTS

Special Chars: Escape  Hold  Stop  Start  Disconnect  Activation

                ^^x    none   -     -       none        

Timeouts:      Idle EXEC    Idle Session   Modem Answer  Session   Dispatch

               00:10:00        never                        none     not set

                            Idle Session Disconnect Warning

                              never

                            Login-sequence User Response

                             00:00:30

                            Autoselect Initial Wait

                              not set

Modem type is unknown.

Session limit is not set.

Time since activation: never

Editing is enabled.

History is enabled, history size is 10.

DNS resolution in show commands is enabled

Full user help is disabled

Allowed input transports are none.

Allowed output transports are lat pad v120 mop telnet rlogin nasi ssh.

Preferred transport is lat.

No output characters are padded

No special data dispatching characters

Router#

What's a CTY port?

The console port shouldn't need any introduction. The CTY port is, of course, where you configure the router when it's brand-new — before it has any IP address configuration. The console port is a serial port, so you must have a PC/laptop with a serial interface and connect to the console with a rolled cable, most likely, using a DB9 to RJ45 adaptor to connect from the serial port on your computer to the console port.

Once you've used the console port to configure the router's network configuration, it isn't common to have to use it again. However, it's good to know that it's there if anything ever goes wrong. In addition, you should secure the console port to keep someone from connecting to it when you aren't around.

What's the AUX port?

While not all routers these days have an AUX port, the AUX port is the auxiliary. Think of it as a secondary console port. The AUX ports don't get a lot of use except to access the router if locked out of the console port.

In the past, network admins would connect modems to the AUX ports so they could dial into their routers. Like the console port, the AUX port is a serial port, and you should also take steps to secure it.

What are TTY lines?

To have a TTY line on your router, you must have an ASYNC card in your router. This card provides some number of asynchronous serial ports on the router, which you can use for serial printers, serial modems, or dumb ASCII text terminals. With those ports, the serial printers could become networked printers (using the LPD service on the router), and the dumb terminals could become networked Telnet devices.

In the case of the router shown above, it has a 32-port asynchronous serial card (Cisco NM-32A ) installed, and it's using many of those ports for asynchronous serial devices such as ASCII text printers and ASCII test dumb terminals. This may seem archaic, but many companies still use this approach to connect to legacy UNIX systems to run legacy text-based applications. However, networked terminal emulators are slowly replacing them.

What are VTY ports?

VTY ports are virtual TTY ports, used to Telnet or SSH into the router over the network. You can use them to connect to the router to make configuration changes or check the status. Most routers have five VTY ports, numbered 0 to 4.

That means you can have up to five concurrent network admins configuring the router at one time. However, you can easily generate more VTY lines.

For example, to create a total of 21 VTY lines (numbered 0 through 20), enter the following:

Router (config)# line 0 20

How do I configure my Cisco router lines?

While you could spend a lot of time learning all the configuration variations for lines on a Cisco router, here's the simplest and most useful configuration for your router lines.

I recommend applying the following configuration on your router's lines:

Router(config)# line con 0
Router(config)# line aux 0
Router(config)# line vty 0 4

Here's an example:

Router(config)# line vty 0 4
Router(config-line)# password My713!CiscoR0uter (USE A STRONG PASSWORD)
Router(config-line)# logging synchronous
Router(config-line)# exec-timeout 60 0

On VTY lines:

Router(config-line)# transport input <telnet OR ssh>

Keep in mind that you can always use the clear line command to clear out a connection on a router line if you run into a problem.

Conclusion

Misconfigured Cisco router lines or unconfigured router lines can be a security risk. Also, if you misconfigure your router's lines, you may not be able to access the router's configuration interfaces.

Want to learn more about router and switch management? Automatically sign up for our free Cisco Routers and Switches newsletter, delivered each Friday!

Editor's Picks

Free Newsletters, In your Inbox