06-11-2009, 08:37 PM
I tested this out on equipment today, and my suspicions, and I believe the original poster's, are right. If I configure only line vty 1 as the "correct answer" suggests, lines 0 and 2 through 4 are automatically configured with the login prompt and no password, effectively locking anyone out from using those 4 lines. The problem is, when you attempt to telnet into the router, the router takes the connection on line vty 0 and because it is configured with a login/no password combination the connection will fail. There is no way to "pick" which vty line you get when logging in to a router, they are assigned sequentially starting at 0 until all lines are used. As a result, the only "correct" answer to this question would have to be:
service password-encryption
line vty 0
login
password cisco
service password-encryption
line vty 0
login
password cisco