08-09-2007 09:38 AM - edited 03-05-2019 05:48 PM
I am trying to secure vty access to my 3560's. I enabled ssh, and added the following to my vty 0 4 line:
line vty 0 4
privilege level 15
password XXXXXXXXXXXX
length 0
transport preferred ssh
transport input ssh
I thought this would block telnet traffic, but I still can access it via telnet.
I am running 12.2(25)SEE4
Anybody know what else is needed?
Thanks.
Solved! Go to Solution.
08-09-2007 09:58 AM
Hi
I'm not sure you do need access-list as well. The 3560 supports vty 0 - 15. Is there a chance that when you telnet you are using a vty above 4 to get in ?
Jon
08-09-2007 09:52 AM
Hi,
You need ACL's
3560(config)# access-list 101 deny tcp any any eq telnet
3560(config)# access-list 101 permit ip any any
3560(config)# line vty 0 15
3560(config-line)# access-class 101 in
Please rate if helps
Regards,
~JG
08-09-2007 09:58 AM
Hi
I'm not sure you do need access-list as well. The 3560 supports vty 0 - 15. Is there a chance that when you telnet you are using a vty above 4 to get in ?
Jon
08-09-2007 10:05 AM
You were correct. It was not ACL, I must have been coming in on 5 15
when I put the command no exec under line vty 5 15 that made the difference. Thank you very much.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide