Using Telnet for Virtual Terminal Access

Using Telnet for Virtual Terminal Access


  • Verify device configuration and network connectivity using ping, traceroute, telnet, SSH or other utilities

Telnet is widely used as an in-band management protocol today for remotely administering Cisco devices. As long as you have IP connectivity to the Cisco device and have configured a password on the vty lines, you can remotely administer your Cisco switches and routers.

However, it is possible to limit the devices that can Telnet into your devices based upon their IP addresses, which is discussed later in Chapter 19, “Using Cisco Access Lists.” In User EXEC and Privilege EXEC of the IOS, it is possible to Telnet from your Cisco device to another device. By typing telnet followed by the IP address that you are trying to reach, you initiate a Telnet session from your local router or switch. In all actuality, you do not even need to use the telnet keyword. If you just type an IP address or a hostname (assuming name resolution), the IOS automatically assumes you are attempting to Telnet to that host. For example, if you Telnet from the 28111 router to the remote 1801, the output would look
similar to the following:

At this point, you can configure the Engineering1801 router as if you were directly consoled into it. However, there may be a time where you need to jump back to your original router to incorporate additional configurations, verify connectivity, or Telnet into other devices. While connected to the remote device, you can suspend your Telnet session temporarily and return to the origin of the Telnet session (CCNA2811 in our example). The useful, but strangely awkward keystroke to suspend a Telnet session in Ctrl+Shift+6 followed by hitting the x key. Keep in mind that this only suspends the Telnet session; the session is still connected and running in a background process.

Know that the keystroke combination Ctrl+Shift+6, x suspends a Telnet session. As shown in Figure 8.3, you can verify the Telnet sessions that have originated from the local device by using the show sessions command. This example initiates and suspends two separate Telnet sessions from the CCNA2811 router.

Notice that each session connection is numbered and there is an asterisk next to connection 2. This is the last Telnet session that was suspended and it is the session that will be resumed if you hit the Enter key without typing a command. You can also choose which Telnet session to resume by typing resume, followed by the connection number.

Ctrl+Shift+6, x suspends the Telnet session, but how do you actually close the Telnet session when you are finished? The answer is twofold. You can close a Telnet session from the originating local device by typing the keyword disconnect followed by the connection number. From the device into which you are Telnetted, you can also type exit or logout from User EXEC or Privileged EXEC.

Be familiar with the multiple ways you can resume and disconnect a Telnet session.

Terminal Monitor

By default, your Cisco devices send their notification messages such as debug outputs, interface alerts, and system error messages to the console port. This means that you cannot send these notifications over a Telnet session to another device by default.
To have these messages copied to the vty lines, you need to use the terminal monitor command in Privileged EXEC mode of the device to which you are telnetted. For instance, in the configuration shown, Router A Telnets into Router B and enters Privileged EXEC mode to type the terminal monitor command. debug outputs, notifications, and errors messages are then sent over the vty lines to be viewed by the remote terminal.

The terminal monitor command copies debug outputs and error messages to the vty terminal lines.

8.2 Telnet Practice

  1. Telnet into your neighbor router by typing telnet, followed by the IP address.
  2. Suspend that Telnet session by using the Ctrl+Shift+6, x keystroke.
  3. Verify that suspended Telnet session by typing show sessions.
  4. Disconnect the Telnet session by typing disconnect, followed by the connection number (should be 1).



  • Configure, verify and troubleshoot DHCP and DNS operation on a router (including: CLI/SDM)
  • Implement static and dynamic addressing services for hosts in a LAN environment

One of Cisco’s many goals is to make their routers more versatile than simply just routing packets. Case in point, Cisco has incorporated security, switching, wireless, and/or voice in their line of Integrated Service Routers to provide multi-functionality out of a single device. In that same vein, the Cisco IOS has some convenient features that can provide services to small-to-medium size businesses minimizing the reliance on other devices and servers. One of those services that the Cisco router can provide is to act as DHCP server for a LAN to assign DHCP-enabled devices an IP address, address of the default gateway, domain name, and the DNS server address.

To start the configuration for this service, you have to configure your ethernet interface and make sure that it is up, administratively enabled, and assigned an IP address as described in this chapter. This makes logical sense since this is the interface that is connected to the DHCPenabled clients. The next step is to logically define the DHCP address pool using the ip dhcp pool poolname command. Once you enter this command, the router prompt will indicate that
you have entered a DHCP sub-configuration mode that looks like the following:

Once in dhcp-config, you can specify the parameters that will be passed to the requesting clients. For instance, to define the IP network scope that the router will use when leasing IPs, you use the network command followed by the subnet (not single IP) and the subnet mask in decimal form:
Now, when devices with DCHP enabled come online and send a DHCP request for an IP, the Cisco router will receive that information and respond with an IP from the network. In addition it can also be configured to assign the default gateway (which is probably the router), the address of the DNS server, the domain name of the LAN, and specify the length of time the IP is leased by the client. The configurations for these parameters are as follows:
Given the preceding configuration, DHCP-enabled clients will be assigned to the domain and have a default gateway of, use as a DNS server to resolve domain names to IP, and DHCP lease of this information will last for 7 days, 2 hours, and 45 minutes.
Since we already statically assigned the IP address of to our default gateway and to our DNS server, we want to make sure the router does not assign these IP addresses to device or else it would cause an IP conflict in our network. To exclude an IP address or an IP address range, use the ip dhcp excluded-address ip-address in Global Configuration for a single IP or define a range of IPs using the same command but defining a start IP an end IP. In our example, we want to exclude the IP’s and, so our configuration would look like:
DHCP Can Cause Router Amnesia When I say router amnesia, I am referring to the loss of memory that can occur when you enable DHCP, especially in larger networks. Since this service requires maintaining all the IP leases it administers, it is possible to consume all of your router’s memory resources if your net work is too large and you have a lengthy lease time. In other words, use this service sparingly if your network fits the small-to-medium sized mold. In addition, if you have not done so already, upgrade the router’s memory to whatever level or whatever budget you can afford to help unburden some of the infor
mation it will need to retain when DHCP is enabled. Some of you may be reading this DHCP functionality and realize that you do not need it because you already have a configured and fully functional DHCP server. The Cisco IOS also gives you the option to configure your router’s interfaces to be a DHCP client as well; allowing you to use your existing DHCP server and have it assign an IP address to your interface.

The command to do this is similar to statically assigning an IP address to your interface, except you specify the keyword dhcp instead of an actual IP address:

The address that is assigned to the router’s interface cannot be seen by using the show running-config command since it is a temporary address. Instead, you can verify it by using the show dhcp lease command:

About the author


Leave a Comment