Virtual terminals are logicalconnections from the network to the router; these are typically telnet or rlogin connections. When a usertelnets to a router from the network, as in Figure 4-2, the router starts an EXEC process to handlethis connection.
Although no physical link is associated with a virtual terminal, VTYsare configured just like normal TTY lines. VTYs are enabled once theyare configured. If you do not configure any VTYs, then logicalconnections, such as telnet, cannot be made to your router from thenetwork. Here is a VTY configuration example:
Router(config)#line vty 1
Router(config-line)#exec-timeout 0 30
Set the timeout to 30 minutesRouter(config-line)#password letmeinhere
Set one password for telnet accessRouter(config-line)#transport input telnet
Allow only telnet accessRouter(config-line)#access-class 10 in
Apply access list 10 to this lineRouter(config-line)#exit
Router(config)#access-list 10 permit host 10.10.1.2
This example shows a semi-secure configuration for a VTY terminal. Weset a timeout for 30 minutes and apply only one password. We then usethe transport
input
command todefine the protocols that are allowed to use this line; in this case,we are allowing only telnet access. Theaccess-class
command applies an access list to thisinterface. We won’t explain access lists here; in this examplewe use a simple access list to permit access from the host at address10.10.1.2.