Virtual terminals are logicalconnections from the network to the router; these are typically telnet or rlogin connections. When a usertelnets to a router from the network, as in Figure 4-2, the router starts an EXEC process to handlethis connection.
Although no physical link is associated with a virtual terminal, VTYsare configured just like normal TTY lines. VTYs are enabled once theyare configured. If you do not configure any VTYs, then logicalconnections, such as telnet, cannot be made to your router from thenetwork. Here is a VTY configuration example:
Router(config)#line vty 1Router(config-line)#exec-timeout 0 30Set the timeout to 30 minutesRouter(config-line)#password letmeinhereSet one password for telnet accessRouter(config-line)#transport input telnetAllow only telnet accessRouter(config-line)#access-class 10 inApply access list 10 to this lineRouter(config-line)#exitRouter(config)#access-list 10 permit host 10.10.1.2
This example shows a semi-secure configuration for a VTY terminal. Weset a timeout for 30 minutes and apply only one password. We then usethe transport input command todefine the protocols that are allowed to use this line; in this case,we are allowing only telnet access. Theaccess-class command applies an access list to thisinterface. We won’t explain access lists here; in this examplewe use a simple access list to permit access from the host at address10.10.1.2.
