Hello,
The N626 question asked you to configure one virtual connection. I thought that
line vty 0
login
Password cisco
but the choice was wrong.
Since vty allows five connection, starting at 0 and going until 4 (total 5), why was the answer
line vty 1
login
Password cisco
I know that this allows one connection also, but should you not start with 0 and not 1.
thank you
Posts: 398
Threads: 11
Joined: Jan 2001
Reputation:
22
There are two requirements stated in the question. Your answer is taking care of only one of them.
enable password secret
line vty 0
login
password cisco
The second requirement is:
"For anyone viewing the configuration and issuing the show run command, the password for Telnet access should be encrypted".
The correct command to achieve this goal is service password-encryption, which is given with correct answer.
The problem I have with this question is the requirement that you need to provide ONE telnet line only, and the password needs to be encrypted. My understanding of the way telnet works is that you do not get to choose which of the vty lines you log in on; they are assigned one at a time until they are all filled up. So if the vty 0 line is not setup for access, and noone is on it, then you won't be able to log in to the router because vty 1 would only be made available if someone was on vty 0. The answer as stated would not create a workable solution, but is the only answer that would meet both requirements of the question.
I tested this out on equipment today, and my suspicions, and I believe the original poster's, are right. If I configure only line vty 1 as the "correct answer" suggests, lines 0 and 2 through 4 are automatically configured with the login prompt and no password, effectively locking anyone out from using those 4 lines. The problem is, when you attempt to telnet into the router, the router takes the connection on line vty 0 and because it is configured with a login/no password combination the connection will fail. There is no way to "pick" which vty line you get when logging in to a router, they are assigned sequentially starting at 0 until all lines are used. As a result, the only "correct" answer to this question would have to be:
service password-encryption
line vty 0
login
password cisco