Accesslist

sham_chennala · ‎03-06-2008

Hi,

I want to block telnet access in our internet router for that iwant to configure a accesslist in that router what is the command i want use for implimenting this.

access-list 101 deny ip <source add><source wild mask> <destination add><desti wild mask> eq 23

is this command right if there is any mistake plese inform me.

Thanks & Regards

Sham

Nagendra Kumar Nainar · ‎03-06-2008

Hi,

If you want to block anyone connecting via telnet to your router, You can simply use a standard ACL and apply the same under line vty 0 -4. This will block telnet from specified source addresses. EX below,

access-list 1 deny any

line vty 0 4

access-class 1 in

If the ultimate device ( the one where you want users not to be connected via telnet) is within your network. Your command is right.

HTH,

Nagendra

Danilo Dy · ‎03-06-2008

Hi,

For example, you only allow 192.168.1.1 telnet access to your router and block all other IPs

!

ip access-list standard VTY

permit 192.168.1.1

!

line vty 0 4

access-class VTY in

exec-timeout 15 0

transport input telnet

!

end

Regards,

Dandy

Goutam Sanyal · ‎03-06-2008

Hi,

As per Cisco:

To restrict incoming and outgoing connections between a particular vty (into a Cisco device) and the addresses in an access list, use the access-class command in line configuration mode. To remove access restrictions, use the no form of this command.

*Simply u can configute a Standerd ACL and enable it to line conf mode

#conf t

#line vty 0 4

#access-class access-list-number {in | out}

Thanks

Goutam

***Please use rateing sys***