08-09-2007 09:38 AM - edited 03-05-2019 05:48 PM
I am trying to secure vty access to my 3560's. I enabled ssh, and added the following to my vty 0 4 line:
line vty 0 4
privilege level 15
password XXXXXXXXXXXX
length 0
transport preferred ssh
transport input ssh
I thought this would block telnet traffic, but I still can access it via telnet.
I am running 12.2(25)SEE4
Anybody know what else is needed?
Thanks.
Solved! Go to Solution.
08-09-2007 09:58 AM
Hi
I'm not sure you do need access-list as well. The 3560 supports vty 0 - 15. Is there a chance that when you telnet you are using a vty above 4 to get in ?
Jon
08-09-2007 09:52 AM
Hi,
You need ACL's
3560(config)# access-list 101 deny tcp any any eq telnet
3560(config)# access-list 101 permit ip any any
3560(config)# line vty 0 15
3560(config-line)# access-class 101 in
Please rate if helps
Regards,
~JG
08-09-2007 09:58 AM
Hi
I'm not sure you do need access-list as well. The 3560 supports vty 0 - 15. Is there a chance that when you telnet you are using a vty above 4 to get in ?
Jon
08-09-2007 10:05 AM
You were correct. It was not ACL, I must have been coming in on 5 15
when I put the command no exec under line vty 5 15 that made the difference. Thank you very much.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: