All Cisco routers have two special types of lines, and many Cisco routers have a third. What are these lines, and how do you configure them? These are things that every network admin should know.
What are the different types of lines on Cisco routers?
“Lines” on Cisco routers are physical async serial ports on the router (such as a terminal or modem), a virtual network connection, or another type of serial line on the router. To see which lines you have on your router, use the show line command. Here’s an example:
Router# show line Tty Typ Tx/Rx A Modem Roty AccO AccI Uses Noise Overruns Int0 CTY - - - - - 0 0 0/0 -
* 33 TTY 19200/19200 - - - - - 150 178 0/0 -
34 TTY 19200/19200 - - - - - 0 0 0/0 -
35 TTY 19200/19200 - - - - - 0 0 0/0 -
36 TTY 19200/19200 - - - - - 0 0 0/0 -
37 TTY 19200/19200 - - - - - 0 0 0/0 -
38 TTY 19200/19200 - - - - - 0 0 0/0 -
39 TTY 19200/19200 - - - - - 0 0 0/0 -
40 TTY 19200/19200 - - - - - 0 0 0/0 -
41 TTY 9600/9600 - - - - - 3083 0 0/0 -
42 TTY 19200/19200 - - - - - 0 1 0/0 -
43 TTY 19200/19200 - - - - - 5 9 0/0 -
44 TTY 19200/19200 - - - - - 0 0 0/0 -
45 TTY 9600/9600 - - - - - 0 0 0/0 -
46 TTY 19200/19200 - - - - - 0 0 0/0 -
47 TTY 19200/19200 - - - - - 0 0 0/0 -
48 TTY 19200/19200 - - - - - 0 0 0/0 -
49 TTY 19200/19200 - - - - - 0 0 0/0 -
50 TTY 9600/9600 - - - - - 0 0 0/0 -
51 TTY 9600/9600 - - - - - 1550 1 0/0 -
52 TTY 9600/9600 - - - - - 0 0 0/0 -
53 TTY 9600/9600 - - - - - 57 0 0/0 -
54 TTY 9600/9600 - - - - - 5782 0 0/0 -
55 TTY 9600/9600 - - - - - 0 0 0/0 -
56 TTY 9600/9600 - - - - - 0 0 0/0 -
57 TTY 9600/9600 - - - - - 0 0 0/0 -
58 TTY 9600/9600 - - - - - 2117 0 0/0 -
59 TTY 9600/9600 - - - - - 0 0 0/0 -
60 TTY 9600/9600 - - - - - 0 0 0/0 -
61 TTY 9600/9600 - - - - - 0 0 0/0 -
62 TTY 9600/9600 - - - - - 0 0 0/0 -
63 TTY 9600/9600 - - - - - 0 0 0/0 -
64 TTY 9600/9600 - - - - - 0 0 0/0 -
65 AUX 115200/115200- inout - - - 0 0 0/0 -
* 66 VTY - - - - - 439 0 0/0 -
67 VTY - - - - - 2 0 0/0 -
68 VTY - - - - - 0 0 0/0 -
69 VTY - - - - - 0 0 0/0 -
70 VTY - - - - - 0 0 0/0 -
Line(s) not in async mode -or- with no hardware support:
1-32
Router#
As you can see from the example, the router has one console line (labeled CTY), one AUX port (labeled AUX), five VTY lines, and 32 TTY lines. Each is a different type of line.
Use the show line summary command to get a cool summary. Here’s an example:
Router# show line summary0: ???? ???? ???? ???? ???? ???? ???? ???? ?u??
36: ???? ?-?- ???? ???- ?--? ??-? ???? ??U- ???
2 character mode users. (U)
62 lines never used (?)
2 total lines in use, 1 not authenticated (lowercase)
Router#
To look at the terminal configurations of individual lines, use the show line <parameter> command (even if you aren’t connected to that line). Here’s an example:
Router# show line console 0 Tty Typ Tx/Rx A Modem Roty AccO AccI Uses Noise Overruns Int0 CTY - - - - - 0 0 0/0 -
Line 0, Location: "", Type: ""
Length: 24 lines, Width: 80 columns
Baud rate (TX/RX) is 9600/9600, no parity, 2 stopbits, 8 databits
Status: Ready
Capabilities: none
Modem state: Ready
Group codes: 0
Modem hardware state: noCTS noDSR DTR RTS
Special Chars: Escape Hold Stop Start Disconnect Activation
^^x none - - none
Timeouts: Idle EXEC Idle Session Modem Answer Session Dispatch
00:10:00 never none not set
Idle Session Disconnect Warning
never
Login-sequence User Response
00:00:30
Autoselect Initial Wait
not set
Modem type is unknown.
Session limit is not set.
Time since activation: never
Editing is enabled.
History is enabled, history size is 10.
DNS resolution in show commands is enabled
Full user help is disabled
Allowed input transports are none.
Allowed output transports are lat pad v120 mop telnet rlogin nasi ssh.
Preferred transport is lat.
No output characters are padded
No special data dispatching characters
Router#
What’s a CTY port?
The console port shouldn’t need any introduction. The CTY port is, of course, where you configure the router when it’s brand-new — before it has any IP address configuration. The console port is a serial port, so you must have a PC/laptop with a serial interface and connect to the console with a rolled cable, most likely, using a DB9 to RJ45 adaptor to connect from the serial port on your computer to the console port.
Once you’ve used the console port to configure the router’s network configuration, it isn’t common to have to use it again. However, it’s good to know that it’s there if anything ever goes wrong. In addition, you should secure the console port to keep someone from connecting to it when you aren’t around.
What’s the AUX port?
While not all routers these days have an AUX port, the AUX port is the auxiliary. Think of it as a secondary console port. The AUX ports don’t get a lot of use except to access the router if locked out of the console port.
In the past, network admins would connect modems to the AUX ports so they could dial into their routers. Like the console port, the AUX port is a serial port, and you should also take steps to secure it.
What are TTY lines?
To have a TTY line on your router, you must have an ASYNC card in your router. This card provides some number of asynchronous serial ports on the router, which you can use for serial printers, serial modems, or dumb ASCII text terminals. With those ports, the serial printers could become networked printers (using the LPD service on the router), and the dumb terminals could become networked Telnet devices.
In the case of the router shown above, it has a 32-port asynchronous serial card (Cisco NM-32A ) installed, and it’s using many of those ports for asynchronous serial devices such as ASCII text printers and ASCII test dumb terminals. This may seem archaic, but many companies still use this approach to connect to legacy UNIX systems to run legacy text-based applications. However, networked terminal emulators are slowly replacing them.
What are VTY ports?
VTY ports are virtual TTY ports, used to Telnet or SSH into the router over the network. You can use them to connect to the router to make configuration changes or check the status. Most routers have five VTY ports, numbered 0 to 4.
That means you can have up to five concurrent network admins configuring the router at one time. However, you can easily generate more VTY lines.
For example, to create a total of 21 VTY lines (numbered 0 through 20), enter the following:
Router (config)# line 0 20
How do I configure my Cisco router lines?
While you could spend a lot of time learning all the configuration variations for lines on a Cisco router, here’s the simplest and most useful configuration for your router lines.
I recommend applying the following configuration on your router’s lines:
Router(config)# line con 0 Router(config)# line aux 0 Router(config)# line vty 0 4
Here’s an example:
Router(config)# line vty 0 4 Router(config-line)# password My713!CiscoR0uter (USE A STRONG PASSWORD) Router(config-line)# logging synchronous Router(config-line)# exec-timeout 60 0
On VTY lines:
Router(config-line)# transport input <telnet OR ssh>
Keep in mind that you can always use the clear line command to clear out a connection on a router line if you run into a problem.
Conclusion
Misconfigured Cisco router lines or unconfigured router lines can be a security risk. Also, if you misconfigure your router’s lines, you may not be able to access the router’s configuration interfaces.
Want to learn more about router and switch management? Automatically sign up for our free Cisco Routers and Switches newsletter, delivered each Friday!