No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

User Cannot Log in By Means of Telnet Due to a VTY Setting Problem on an NE80E

Publication Date:  2012-07-27 Views:  43 Downloads:  0
Issue Description
NE80E V300R003C01B205
According to the user, the login through Telnet failed on the NE80E. After the user logged on to the device through the Console port via a serial port cable, no device configuration was lost and the configuration related to Telnet login existed.
1. The device configuration was checked. The related configuration is as follows:
#
user-interface maximum-vty 15
user-interface con 0
user-interface aux 0
user-interface vty 0 4
authentication-mode aaa
protocol inbound all
user-interface vty 5 14
user-interface vty 16 20
#
2. Maybe that the device login process was occupied. The user was advised to add the following two commands under vty 5 14.
authentication-mode aaa
protocol inbound all
The user logs on to the device through Telnet normally.
3. Delete the authentication-mode aaa configuration under vty 5 14. The user still can log in normally.
After protocol inbound all under vty 5 14 is changed to protocol inbound telnet, the user fails to log in again.
Note: "Cannot log on" here indicates that a re-login fails after exit and other online users are is not affected. 
 
Alarm Information
 When the user logs on the faulty device through Telnet, the system prompts that no password is set for the user.  
Handling Process
1. A check of the original configuration of the device showed that vty 5 14 was not configured originally.
2. The device logs were checked. It was found that the user-interface maximum-vty 15 command was configured before the fault occurred and thus vty 5 14 was configured.
3. When a user tries to log on to the device through Telnet, the device first performs a match on the VTY interface of Telnet. Then, on VTY 5. No authentication mode (AAA or password authentication), however, is set for VTY 5. Therefore, no login failure occurs.
4. If protocol inbound all is configured under VTY 5 14, a match is still performed on VTY 0 4 first when the user logs on through Telnet. In this case, the user can log on normally.
5. No match is performed on VTY 6 20 because it is reserved for network management. 
 
Root Cause
 According to the prompt that Telnet login fails, the problem may be related to the security setting of the login user on the device.  
Suggestions
It is recommended that you perform concise interface configuration for Telnet users, thereby avoiding similar problems.  

END