cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1178
Views
0
Helpful
6
Replies

trouble blocking telnet on wan side

ryancolson
Level 1
Level 1

I have a 1721 set up as i guess a router on a stick. Anyway I cannot seem to block telnet on my wan interface. I use 5 IPs on my wan side of my router(from a cable modem) and I can only telnet to the Ip that i set as the interface ip. However, when I try to apply an accesslist it still gets thru. The top line on my acces-list 101 is access-list 101 deny tcp any any eq telnet. Accesslist 101 is is applied inbound in the interface. What else do I need to do to get this to block telnet on that interface

1 Accepted Solution

Accepted Solutions

Right.

Can you confirm that you applied the ACl on the LIne VTY 0 15

access-list 199 permit tcp xx.yy.zz.0 0.0.0.255 any

access-list 199 permit tcp aa.bb.cc.0 0.0.0.127 any

access-list 199 deny ip any any log

line vty 0 4

access-class 199 in

exec-timeout 60 0

View solution in original post

6 Replies 6

spremkumar
Level 9
Level 9

Hi Ryan

Can you post the config which you have done over there in your router ?

regds

mtechnology
Level 1
Level 1

do you deny telnet from outside ?if yes

bellow the configuation

conf t

line vty 0 15

transport input none

-------------

if no

past the config for router

Right.

Can you confirm that you applied the ACl on the LIne VTY 0 15

access-list 199 permit tcp xx.yy.zz.0 0.0.0.255 any

access-list 199 permit tcp aa.bb.cc.0 0.0.0.127 any

access-list 199 deny ip any any log

line vty 0 4

access-class 199 in

exec-timeout 60 0

I applied the access to the outside interface, which is ethernet0

I was wrong. It is only allowing telnet to the outside interface ip from inside.

Is the issue fixe now ?

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: