Skip to content

Line

Line configuration manages device access control for both console (CON) and virtual terminal (VTY) connections, defining authentication methods, timeout values, transport protocols, and access restrictions. Console lines provide direct physical access to devices while VTY lines enable remote access via protocols such as SSH and Telnet, with configurable access control lists to restrict connections by source IP address or network range. Line configuration also controls session parameters including privilege levels, password authentication, exec timeouts, and logging settings to ensure secure and manageable device access.

Diagram

Diagram

Classes

configuration (iosxe.devices)

NameTypeConstraintMandatoryDefault Value
lineClass[line]No

line (iosxe.devices.configuration)

NameTypeConstraintMandatoryDefault Value
consolesList[consoles]No
vtysList[vtys]No

consoles (iosxe.devices.configuration.line)

NameTypeConstraintMandatoryDefault Value
exec_timeout_minutesIntegermin: 0, max: 35791No
exec_timeout_secondsIntegermin: 0, max: 2147483No
login_localBooleantrue, falseNo
login_authenticationStringNo
privilege_levelIntegermin: 0, max: 15No
stopbitsChoice1, 1.5, 2No
password_levelIntegermin: 0, max: 255No
password_typeChoice0, 6, 7No
passwordStringNo

vtys (iosxe.devices.configuration.line)

NameTypeConstraintMandatoryDefault Value
number_fromIntegermin: 0, max: 1869Yes
number_toIntegermin: 1, max: 1869No
access_classesList[access_classes]No
exec_timeout_minutesIntegermin: 0, max: 35791No
exec_timeout_secondsIntegermin: 0, max: 2147483No
password_levelIntegermin: 0, max: 255No
password_typeChoice0, 6, 7No
passwordStringNo
login_authenticationStringNo
transport_preferred_protocolChoiceacercon, lat, mop, nasi, none, pad, rlogin, ssh, telnet, udptnNo
escape_characterIntegerNo
authorization_execStringNo
authorization_exec_defaultBooleantrue, falseNo
transport_input_allBooleantrue, falseNo
transport_input_noneBooleantrue, falseNo
transport_inputListStringNo

access_classes (iosxe.devices.configuration.line.vtys)

NameTypeConstraintMandatoryDefault Value
directionChoicein, outYes
access_listStringNo
vrf_alsoBooleantrue, falseNo

Examples

iosxe:
devices:
- name: Device1
configuration:
line:
consoles:
- exec_timeout_minutes: 0
exec_timeout_seconds: 45
login_local: true
privilege_level: 15
stopbits: '1'
password_level: 100
password_type: '0'
password: testpasswd
vtys:
- number_from: 0
number_to: 4
access_classes:
- direction: in
access_list: MGMT-ACCESS
vrf_also: true
exec_timeout_minutes: 30
exec_timeout_seconds: 0
password_type: '7'
password: encryptedPassword123
login_authentication: default
transport_preferred_protocol: ssh
transport_input:
- ssh
- number_from: 5
number_to: 15
exec_timeout_minutes: 10
exec_timeout_seconds: 0
transport_input_all: false
transport_input:
- ssh
- telnet