Accesslist

Unanswered Question
Mar 6th, 2008

Hi,

I want to block telnet access on our internet router. For that I want to configure an access list on that router. What command should I use to implement this?

access-list 101 deny ip <source add><source wild mask> <destination add><desti wild mask> eq 23

Is this command right? If there is any mistake, please inform me.

Thanks & Regards

Sham

Nagendra Kumar ... Thu, 03/06/2008 - 03:31

Hi,

If you want to block anyone connecting via telnet to your router, you can simply use a standard ACL and apply it under line vty 0 4. This will block telnet from the specified source addresses. Example below:

access-list 1 deny any
line vty 0 4
access-class 1 in

If the ultimate device (the one where you want users not to be connected via telnet) is within your network, your command is right.

HTH,

Nagendra

Danilo Dy Thu, 03/06/2008 - 03:34

Hi,

For example, to allow only 192.168.1.1 telnet access to your router and block all other IPs:

!
ip access-list standard VTY
permit 192.168.1.1
!
line vty 0 4
access-class VTY in
exec-timeout 15 0
transport input telnet
!
end

Regards,

Dandy

Goutam Sanyal Thu, 03/06/2008 - 03:38

Hi,

As per Cisco:

To restrict incoming and outgoing connections between a particular vty (into a Cisco device) and the addresses in an access list, use the access-class command in line configuration mode. To remove access restrictions, use the no form of this command.

*Simply, you can configure a standard ACL and enable it in line configuration mode:

#conf t
#line vty 0 4
#access-class access-list-number {in | out}

Thanks

Goutam

***Please use the rating system***
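A way to check a saved configuration for the vty restriction the replies describe, as an added example that is not part of any post in this thread: it reports vty lines with no inbound access-class, access-class references to an ACL that is not defined, and numbered ACL entries that put a port operator on protocol `ip` (IOS accepts `eq` and the other port operators only with `tcp` or `udp`). The function name `audit_vty` and the sample configuration are constructed for illustration.

```python
import re

# Constructed sample running-config (not from the thread): vty 0 4 is
# restricted by a named standard ACL, vty 5 15 has no access-class at all.
SAMPLE_CONFIG = """\
ip access-list standard VTY
 permit 192.168.1.1
!
access-list 101 deny ip any any eq 23
access-list 101 permit ip any any
!
line vty 0 4
 access-class VTY in
 transport input telnet
line vty 5 15
 transport input telnet
"""

def audit_vty(config):
    """Return findings about vty access control in an IOS-style config."""
    findings, acls, vty = [], set(), {}
    current = None  # the "line vty ..." block being read, if any
    for raw in config.splitlines():
        line = raw.strip()
        indented = raw[:1] in (" ", "\t")
        if not indented:
            current = None  # a top-level line ends the previous block
        if m := re.match(r"access-list (\d+) (permit|deny) (\S+)(.*)", line):
            acls.add(m.group(1))
            # Port operators are only valid with tcp/udp, not protocol "ip".
            if m.group(3) == "ip" and re.search(r"\b(eq|neq|gt|lt|range)\b", m.group(4)):
                findings.append(f"ACL {m.group(1)}: port match on protocol 'ip'")
        elif m := re.match(r"ip access-list (standard|extended) (\S+)", line):
            acls.add(m.group(2))
        elif re.match(r"line vty \d+", line):
            current = line
            vty[current] = None
        elif current and indented and (m := re.match(r"access-class (\S+) in\b", line)):
            vty[current] = m.group(1)
    for name, acl in vty.items():
        if acl is None:
            findings.append(f"{name}: no inbound access-class")
        elif acl not in acls:
            findings.append(f"{name}: access-class {acl} is not defined")
    return findings

if __name__ == "__main__":
    for finding in audit_vty(SAMPLE_CONFIG):
        print(finding)
```

The parser expects sub-commands to be indented under their `line vty` header, as `show running-config` prints them.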
