2.2 Configuration for Asynchronous Connections
2.2.4 Line types and numbering
Cisco devices have the following four types of lines:
  • CON: Console line-Typically used to log in to the router for configuration purposes; this line is also referred to as CTY
  • AUX: Auxiliary line-RS-232 DTE port used as a backup asynchronous port (tty); cannot be used as a second console port
  • tty: Asynchronous line-Same as asynchronous interface; available on access server models only (Cisco 2509, 10, 11, 12, AS5100, and Cisco 1001); used typically for remote-node, dial-in sessions that use such protocols as Serial Line Internet Protocol (SLIP), Point-to-Point Protocol (PPP), and XRemote
  • vty: Virtual terminal line-Used for incoming Telnet, local-area transport (LAT), X.25 packet assembler/disassembler (PAD), and protocol-translation connections into synchronous ports (such as Ethernet and serial interfaces) on the router

Different routers have different numbers of these line types. Figure shows the Cisco line-numbering rules, where n represents the first physical line after the console line, and m refers to the number of the vty line. For example, the vty 4 line corresponds to line 14 on a router with eight tty ports. Because line 0 is for the console, lines 1 to 8 are the tty lines, line 9 is for the auxiliary port, and lines 10 to 14 are for vty 0 to 4.

tty lines correspond to asynchronous interfaces on a one-to-one basis, and vty lines are virtual lines that are dynamically assigned to the synchronous interfaces. Usually, you would associate vty lines with incoming Telnet sessions. Enter the interface line tty ? command to view the maximum number of tty lines supported.

Connections to an individual line are most useful when a dial-out modem, parallel printer, or serial printer is attached to that access server line. 

To connect to an individual line, the remote host or terminal must specify a particular Transmission Control Protocol (TCP) port on the access server. If the Telnet protocol is used, that port is 2000 plus the line number. For example:
Router#Telnet 131.108.30.40 2001

This command indicates a Telnet connection to line 1 (2000 + 1).

show line command

You can use the show line command to display all types of lines and the status of each line, as exhibited in Figure . It also provides useful information about modem control and asynchronous port configuration. The show line-number command displays more detailed information on the specified line, including some useful data such as baud rate, modem state (idle or ready), and modem hardware state (CTS, DSR, DTR, and RTS for hardware flow control and session control). Table explains the output fields displayed in Figure . Figure emphasizes concepts previously discussed (with the exception of access class).

Line Numbering on Cisco 1600
Some routers don’t have AUX ports, and the Cisco 1600 is one of them. The following shows the way the relative and absolute line numbers are presented with the
show line command:

Router#show line
Tty Typ Tx/Rx A Modem Roty AccO AccI Uses Noise Overruns
      * 0 CTY - - - - - 0 1 0/0
         2 vty - - - - - 0 0 0/0
         3 vty - - - - - 0 0 0/0
         4 vty - - - - - 0 0 0/0
         5 vty - - - - - 0 0 0/0
         6 vty - - - - - 0 0 0/0
Line(s) not in async mode -or- with no hardware support: 1


The CTY port is the console. As shown in Figure , the AUX port receives the number tty + 1. Because this Cisco 1600 router has no Async interface (no tty), the AUX port, if present, would have received 1 line number 1. The vty lines are always as follows: Last_tty + 2. Using the formula shown on Figure to find the first vty line number, calculate 0 tty + 2 = 2, which is the starting number of vty lines. By default, the router provides five virtual connections; in this case, these are numbered 2, 3, 4, 5, and 6.

Filtering Traffic on vty Lines—Access Class
If you wish to restrict incoming and outgoing connections between a particular virtual terminal line, you can use the access-class command on a line. The
access-class command makes a standard access list decide whether it should accept or reject a connection. Remember to set identical restrictions on all the virtual terminal lines because a user can connect to any of them.