rekrowteN | Networker

All you want to know about computer networks and more

Rotary IOS Command

You can have different passwords for different VTY ports. The question is, how can you control port number. If you have different passwords for VTY 0 and VTY 1, and you don’t know password for VTY 0, how do you log in? Well, VTY 0 must be taken and then VTY 1 is used, or you can reach this port by telneting to port other than 23.

As I have mentioned, default Telnet port is 23. You can change this by rotary command. This command will also ensure that you can control ports, when you are trying to Telnet (or SSH or any other protocol allowed). Consider next configuration:

line vty 0
 password class
 login    
 rotary 1
line vty 1 4
 password cisco
 login
 rotary 20
!

It says that on VTY port 0 I have password class and VTY ports 1 to 4 I have password cisco. When I want to use password class, I will use port 7000 + rotary value. Rotary value is one, so I will use port 7001. When I want to use VTY port 1 (or port 2, when 1 is taken, etc.), I will use port 7000 + rotary value, which is 20, so port 7020.

One question remains, which password to use, when using port 23 and none of the VTY connections are open. It is the VTY 0 password, which is class. First, I am trying to type cisco and then class.

R1#telnet 192.168.1.2
Trying 192.168.1.2 ... Open

User Access Verification

Password:
Password:
R2>

When I try to use port 7000, nothing happens.

R1#telnet 192.168.1.2 7000
Trying 192.168.1.2, 7000 ...
% Connection refused by remote host

I am trying port 7001 and first I am using password cisco and then password class.

R1#telnet 192.168.1.2 7001
Trying 192.168.1.2, 7001 ... Open

User Access Verification

Password:
Password:
R2>

Port 7002 is not working.

R1#telnet 192.168.1.2 7002
Trying 192.168.1.2, 7002 ...
% Connection refused by remote host

I am trying port 7020 and first I am using password cisco. It works.

R1#telnet 192.168.1.2 7020
Trying 192.168.1.2, 7020 ... Open

User Access Verification

Password:
R2>exit

If you don't have rotary number. You can try to open VTY 0 port (for Telnet use port 23, for SSH port 22, etc.) and then try to open another connection. VTY 1 will be used, if not taken already.

About these ads

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: