- Cisco IOS Dial Services Configuration Guide: Terminal Services, Release 12.1
Table Of Contents
Configuring Terminal Operating Characteristics for Dial-In Sessions
Terminal Operating Characteristics Overview
Selecting a Preferred Connection Protocol
Specifying the Transport Protocol
Specifying a Local Transport Protocol
Configuring Communication Parameters for Terminal Ports
Configuring Sessions on a Line
Configuring Local Session Parameters
Changing the Default Privilege Level for Lines
Enabling Password Checking at Login
Establishing Terminal Session Limits
Displaying Line Connection Information After the Login Prompt
Configuring Terminal Operating Characteristics for Dial-In Sessions
This chapter describes how to set operating characteristics for remote terminal service connections. It includes the following main sections:
•
Terminal Operating Characteristics Overview
•
•
For a complete description of the terminal characteristic commands in this chapter, see the Cisco IOS Dial Services Command Reference publication. To locate documentation of other commands that appear in this chapter, use the command reference master index or search online.
Terminal Operating Characteristics Overview
In line configuration mode, you can set terminal operating characteristics that will be in operation for that line until the next time you change the line parameters. Alternatively, you can change the line setting locally (temporarily) with terminal EXEC commands. Both tasks are described in this chapter.
Selecting a Preferred Connection Protocol
Your first task is to select a preferred connection protocol, then configure the appropriate communication parameters. The preferred transport type is your preferred connection protocol. This section describes how to configure the router to support specific protocols for the following:
•
•
Specifying the Transport Protocol
Use the transport preferred command to specify which transport protocol is used on connections. Use the transport input and transport output commands to explicitly specify the protocols allowed on individual lines for both incoming and outgoing connections.
Note
For routers that support LAT, the default protocol for outgoing connections is LAT. For those that do not support LAT, the default protocol for outgoing connections is Telnet. For incoming connections, all the supported network protocols are accepted.
To specify transport protocols, use one or more of the following commands in line configuration mode:
The router accepts a host name entry at the EXEC system prompt as a Telnet command. If you enter the host name incorrectly, the router interprets the entry as an incorrect Telnet command and provides an error message indicating that the host does not exist. The transport preferred none command disables this option so that if you enter a command incorrectly at the EXEC prompt, the router does not attempt to make a Telnet connection to a host that it cannot find.
The transport preferred setting specifies a search order when attempting to resolve names that might be valid for multiple protocols. If the address or service does not match the preferred protocol, all other valid output protocols are searched to find a valid match.
Specifying a Local Transport Protocol
You can configure the Cisco IOS software to save local parameters between sessions. These local parameters are set with the terminal EXEC commands.
To specify the preferred protocol to use for the current session when a command does not specify one, use the following command in EXEC mode:
The preferred transport type is your preferred connection protocol. This setting specifies a protocol search order that the Cisco IOS software uses when it attempts to resolve a device name that you enter, but you do not specify a connection protocol. For example, if you want to connect to a TCP/IP host named host1 and want to use Telnet, you enter telnet host1. However, if your preferred connection protocol is set to Telnet, you could enter host1 and be connected to the device. A host name might be valid for multiple protocols. If the address or service does not match the preferred protocol, all other valid connection protocols are searched to find a valid match for the name.
For router software images that support LAT, the default protocol for outgoing connections is LAT. For router software images that do not support LAT, the default protocol for outgoing connections is Telnet. For incoming connections, all the supported network protocols are accepted.
The Cisco IOS software accepts a host name entry at the EXEC prompt as a Telnet command. If you enter the host name incorrectly, the Cisco IOS software interprets the entry as an incorrect Telnet command and provides an error message indicating that the host does not exist. The transport preferred none command disables this option so that if you enter a command incorrectly at the EXEC prompt, the Cisco IOS software does not attempt to make a Telnet connection.
Configuring Communication Parameters for Terminal Ports
The following sections describe how to configure communication parameters:
•
•
•
•
•
•
Configuring Sessions on a Line
The Cisco IOS software supplies the following default serial communication parameters for terminal and other serial device operation:
•
•
•
•
To change the default parameters as necessary to meet the requirements of the terminal or host to which you are connected, use any of the following commands in line configuration mode:
Configuring Local Session Parameters
To change these parameters as necessary to meet the requirements of the terminal or host to which you are attached, use one or more of the following commands in EXEC mode:
Changing the Default Privilege Level for Lines
To change the default privilege level for a given line or a group of lines, use the following command in line configuration mode:
Enabling Password Checking at Login
You can enable password checking on a particular line so that the user is prompted to enter a password at the system login screen. You must then also specify a password. To do so, use the following commands in line configuration mode:
Step 1
login
Enables password checking on a per-line basis using the password specified with the password command.
Step 2
password password
Assigns a password to a particular line.
You can enable password checking on a per-user basis, in which case authentication is based on the username specified with the username global configuration command. To enable password checking on a per-user basis, use the following commands in line configuration mode:
Use the login tacacs command with TACACS and extended TACACS. Use the login authentication command with AAA/TACACS+.
By default, virtual terminals require passwords. If you do not set a password for a virtual terminal, the router displays an error message and closes the attempted connection. Use the no login command to disable this function and allow connections without a password.
For other access control tasks and password restrictions, including the enable password global configuration command that restricts access to privileged mode, see the Cisco IOS Security Configuration Guide.
Establishing Terminal Session Limits
You might need to control terminal sessions in high-traffic areas to provide resources for all users. You can define the following limitations for terminal sessions:
•
•
To establish terminal session limits, use the following commands in line configuration mode:
session-limit session-number
Sets the maximum number of simultaneous sessions.1
session-timeout minutes [output]
or
absolute-timeout minutes
Sets the idle timeout interval on a console or terminal (tty) line.
Sets the idle timeout interval on a virtual terminal (vty) line.logout-warning [seconds]
Warns users of impending timeouts set with the absolute-timeout command.
1 There is no inherent upper limit to the number of sessions you can create.
The session-timeout command behaves slightly differently on virtual (vty) terminals than on physical console, auxiliary (aux), and terminal (tty) lines. When a timeout occurs on a vty, the user session returns to the EXEC prompt. When a timeout occurs on physical lines, the user session is logged out and the line returned to the idle state.
The absolute-timeout command terminates the connection after the specified time period has elapsed, regardless of whether the connection is being used at the time of termination. You can specify an absolute-timeout value for each port. The user is given 20 seconds notice before the session is terminated. You can use this command along with the logout-warning command, which notifies the user of an impending logout.
You can use a combination of the exec-timeout line configuration command, which sets the interval that the EXEC command interpreter waits until user input is detected, and the session-timeout line configuration command, both set to approximately the same values, to get the same behavior from virtual lines that the session-timeout command causes on physical lines.
The absolute-timeout command overrides any timeouts set through the AppleTalk Remote Access (ARA) protocol.
Displaying Line Connection Information After the Login Prompt
You can display the host name, line number, and location of the host each time an EXEC session is started or an incoming connection is made. The line number banner appears immediately after the EXEC banner or incoming banner. This feature is useful for tracking problems with modems because it lists the host and line for the modem connection. Modem type information is also included if applicable.
To provide line information after the login prompt, use the following command in global configuration mode:
service linenumber
Provides service line-number information after the EXEC banner or incoming banner.
