[c-nsp] Cisco disable ports 2001,4001,6001,9001
Nick Hilliard
nick at foobar.org
Thu Dec 11 07:32:51 EST 2025
Marco Moock via cisco-nsp wrote on 11/12/2025 11:48:
> Certain Cisco models (in my case 800 series, e.g. C886vaw, 886w etc.)
> have telnet services on port 2001,4001,6001 and 9001.
>
> What is the preferred way to disable them entirely (not firewalling
> them), but keep telnet and ssh?
This isn't telnet-to-the-device, it's remote access to physical ports.
You can disable it easily using e.g. for serial console:
line con 0
transport preferred none
You'll need check which access lines are defined on each device and then
disable them using "transport preferred none".
Nick
More information about the cisco-nsp
mailing list