cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
443
Views
0
Helpful
1
Replies

ACL telnet

moses12315
Level 1
Level 1

I have an end-router which is connected with a network which i don't control it. I want to secure the telnet access from that network to the rest of my network so i creat an extended ACL :

access-list 101 deny tcp any any eq telnet

access-list 101 permit tcp any any

access-list 101 permit ip any any.

I put the access list in the interface like that:

int s0/0

access-group 101 in

Did i do that right? Do i need to permit also ip and tcp . Is there a better way?

Thanks

moses

1 Accepted Solution

Accepted Solutions

mohammedmahmoud
Level 11
Level 11

Hi,

the following is enough, permit ip any any does it for you, it means any thing.

access-list 101 deny tcp any any eq telnet

access-list 101 permit ip any any

HTH,

Mohammed Mahmoud.

View solution in original post

1 Reply 1

mohammedmahmoud
Level 11
Level 11

Hi,

the following is enough, permit ip any any does it for you, it means any thing.

access-list 101 deny tcp any any eq telnet

access-list 101 permit ip any any

HTH,

Mohammed Mahmoud.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco