Logging Telnet Access
Problem
You want to log every Telnet session to the router.
Solution
To log every Telnet session to the router, use the following set of commands:
Router1#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
Router1(config)#access-list 90 permit any log
Router1(config)#line vty 0 4
Router1(config-line)#access-class 90 in
Router1(config-line)#exit
Router1(config)#end
Router1#
Discussion
Keeping detailed log records of every Telnet session that your router accepts can be useful for security purposes. By configuring an access-class ACL to log every session, the router captures which IP source addresses attempt to reach the Telnet port. Note that this method captures both successful and unsuccessful Telnet attempts, which is an invaluable capability.
Of course, you can combine this functionality with the other access-classes that we discussed in Recipes 3.15 and 3.16. This recipe doesn’t introduce any new features, but rather a different way to use the same commands.
To view all captured Telnet attempts onto the router, use the following EXEC command:
Router1#show logging | include list 90
Jun 27 14:44:45: %SEC-6-IPACCESSLOGS: list 90 permitted 172.25.1.1 1 packet
Router1#
The logged messages will always show permitted, whether the session authentication was successful or not.
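Because every entry reads "permitted" regardless of whether the login succeeded, the useful work happens off the router: collecting the %SEC-6-IPACCESSLOGS lines and asking which source addresses are talking to the VTY lines at all. The following script is an added example, not part of the cookbook recipe or Cisco IOS; it parses constructed sample lines in the format shown above (the addresses and timestamps are made up), totals the logged packets per source, and flags any source that falls outside a list of management networks you supply (the management_nets parameter is an assumption of this example, not something the router knows about).

```python
import re
from collections import Counter
from ipaddress import ip_address, ip_network

# Constructed sample output of "show logging | include list 90" (not captured
# from a real device). The last line is a non-ACL message and must be ignored.
SAMPLE_LOG = """\
Jun 27 14:44:45: %SEC-6-IPACCESSLOGS: list 90 permitted 172.25.1.1 1 packet
Jun 27 14:46:02: %SEC-6-IPACCESSLOGS: list 90 permitted 10.0.0.7 1 packet
Jun 27 14:51:10: %SEC-6-IPACCESSLOGS: list 90 permitted 172.25.1.1 3 packets
Jun 27 14:52:33: %SEC-6-IPACCESSLOGS: list 90 permitted 203.0.113.9 1 packet
Jun 27 14:53:00: %SYS-5-CONFIG_I: Configured from console by console
"""

# One IPACCESSLOGS line: timestamp, ACL number, permitted/denied, source, packet count.
LOG_RE = re.compile(
    r"^(?P<ts>\w{3} +\d+ \d\d:\d\d:\d\d): %SEC-6-IPACCESSLOGS: "
    r"list (?P<acl>\S+) (?P<action>permitted|denied) "
    r"(?P<src>\d+\.\d+\.\d+\.\d+) (?P<count>\d+) packets?$"
)


def parse_access_log(text, acl="90"):
    """Return (timestamp, action, source, packet_count) tuples for the given ACL.

    Lines that are not IPACCESSLOGS messages, or that belong to another
    access list, are skipped.
    """
    events = []
    for line in text.splitlines():
        m = LOG_RE.match(line.strip())
        if m and m.group("acl") == acl:
            events.append(
                (m.group("ts"), m.group("action"), m.group("src"), int(m.group("count")))
            )
    return events


def packets_by_source(events):
    """Total logged packets per source address (a rough measure of activity)."""
    counts = Counter()
    for _, _, src, n in events:
        counts[src] += n
    return dict(counts)


def unexpected_sources(events, management_nets):
    """Sources that are not inside any of the expected management networks.

    management_nets is a list of CIDR strings chosen by the operator; it is an
    assumption of this example, not something the router itself tracks.
    """
    nets = [ip_network(n) for n in management_nets]
    return sorted(
        {src for _, _, src, _ in events
         if not any(ip_address(src) in net for net in nets)}
    )


if __name__ == "__main__":
    evts = parse_access_log(SAMPLE_LOG)
    print("packets per source:", packets_by_source(evts))
    print("sources outside management nets:",
          unexpected_sources(evts, ["172.25.0.0/16", "10.0.0.0/8"]))
```

Two things to keep in mind when reading the output: the action field is always "permitted" here, so a source that appears in this list only tells you someone reached the Telnet port, not that they logged in, and a source outside your management networks is the thing worth investigating first. The packet count is what IOS reports in the log line, so it is a count of logged packets, not a count of sessions.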
See Also