Logging Telnet Access

Logging Telnet Access Problem You want to log every Telnet session to the router. Solution To log every Telnet session to the router, use the followings set of commands: Router1#configure terminal Enter configuration commands, one per line. End with CNTL/Z. Router1(config)#access-list 90 permit any log Router1(config)#line vty 0 4 Router1(config-line)#access-class 90 in Router1(config-line)#exit Router1(config)#end Router1# Discussion Keeping detailed log records of every Telnet session that your router accepts can be useful for security purposes. By configuring an access-class ACL to log every session, the router will capture which IP source addresses attempt to access the Telnet port. Note, however, that this method will capture both successful and unsuccessful Telnet attempts, which is an invaluable capability. Of course, you can combine this functionality with the other access-classes that we discussed in Recipes 3.15 and 3.16. This recipe doesn't introduce any new features, but rather a different way to use the same commands. To view all captured Telnet attempts onto the router, use the following EXEC command: Router1# show logging | include list 90 Jun 27 14:44:45: %SEC-6-IPACCESSLOGS: list 90 permitted 172.25.1.1 1 packet Router1# The logged messages will always show permitted, whether the session authentication was successful or not. See Also