Using Telnet

Telnet, part of the TCP/IP protocol suite, is a virtual terminal protocol that allows you to make connections to remote devices, gather information, and run programs. After your router and switches are configured, you can use the Telnet program to reconfigure and/or check up on your routers and switches without using a console cable. You run the Telnet program by typing telnet from any command prompt (DOS or Cisco). You need to have VTY password set on the routers for this to work.

Remember, you can't use CDP to gather information about routers and switches that aren't directly connected to your device. But you can use the Telnet application to connect to your neighbor devices and then run CDP on those remote devices to get information on them. You can issue the telnet command from any router prompt like this:

Corp#telnet 10.2.2.2

Trying 10.2.2.2 ... Open

Password required, but none set

[Connection to 10.2.2.2 closed by foreign host]

Corp#

As you can see, I didn't set my passwords--how embarrassing! Remember that the VTY ports on a router are configured as login, meaning that we have to either set the VTY passwords or use the no login command.

On a Cisco router, you don't need to use the telnet command; you can just type in an IP address from a command prompt and the router will assume that you want to telnet to the device. Here's how that looks using just the IP address:

Corp#10.2.2.2

Trying 10.2.2.2 ... Open

Password required, but none set

[Connection to 10.2.2.2 closed by foreign host]

Corp#

At this point, it would be a great idea to set those VTY passwords on the router I want to telnet into. Here's what I did on the remote router named R1:

R1#config t

Enter configuration commands, one per line. End with CNTL/Z.

R1(config)#line vty 0 ?

<1-807> Last Line number

R1(config)#line vty 0 807

R1(config-line)#password telnet

R1(config-line)#login

R1(config-line)#^Z

Now let's try this again. Here I'm connecting to the router from the Corp ISR console:

Corp#10.2.2.2

Trying 10.2.2.2 ... Open

User Access Verification

Password:

R1>

Remember that the VTY password is the user-mode password, not the enable-mode password. Watch what happens when I try to go into privileged mode after telnetting into router R1:

R1>en

% No password set

R1>

It is basically saying, "No way!" This is a really good security feature because you don't want anyone telnetting into your device and being able to just type the enable command to get into privileged mode. You've got to set your enable-mode password r enable secret pass-word to use Telnet to configure remote devices!

Source:: Cisco Certified Network Associate Study Guide