You want to log every Telnet session to the router.
To log every Telnet session to the router, use the followings set of commands:
Router1#configure terminal Enter configuration commands, one per line. End with CNTL/Z. Router1(config)#access-list 90 permit any log Router1(config)#line vty 0 4 Router1(config-line)#access-class 90 in Router1(config-line)#end Router1#
Keeping detailed log records of every Telnet session your router accepts can be useful for security purposes. Configuring an access class ACL to log every session causes the router to capture which IP source addresses attempt to access the Telnet port. Note, however, that this method captures both successful and unsuccessful Telnet attempts, which is an invaluable capability.
Of course, you can combine this functionality with the other access classes that we discussed in Recipe 3.15 and Recipe 3.16. This recipe doesn't introduce any new features; it's just a different way to use the same commands.
To view all captured Telnet attempts, use the following EXEC command:
Router1# show logging | include list 90
Jun 27 14:44:45: %SEC-6-IPACCESSLOGS: list 90 permitted 172.25.1.1 1 packet
Router1#
Note that the logged messages will always show "permitted," even if the session authentication was unsuccessful.
Top |