03-06-2008 03:22 AM - edited 03-03-2019 09:00 PM
Hi,
I want to block telnet access in our internet router for that iwant to configure a accesslist in that router what is the command i want use for implimenting this.
access-list 101 deny ip <source add><source wild mask> <destination add><desti wild mask> eq 23
is this command right if there is any mistake plese inform me.
Thanks & Regards
Sham
03-06-2008 03:31 AM
Hi,
If you want to block anyone connecting via telnet to your router, You can simply use a standard ACL and apply the same under line vty 0 -4. This will block telnet from specified source addresses. EX below,
access-list 1 deny any
line vty 0 4
access-class 1 in
If the ultimate device ( the one where you want users not to be connected via telnet) is within your network. Your command is right.
HTH,
Nagendra
03-06-2008 03:34 AM
Hi,
For example, you only allow 192.168.1.1 telnet access to your router and block all other IPs
!
ip access-list standard VTY
permit 192.168.1.1
!
line vty 0 4
access-class VTY in
exec-timeout 15 0
transport input telnet
!
end
Regards,
Dandy
03-06-2008 03:38 AM
Hi,
As per Cisco:
To restrict incoming and outgoing connections between a particular vty (into a Cisco device) and the addresses in an access list, use the access-class command in line configuration mode. To remove access restrictions, use the no form of this command.
*Simply u can configute a Standerd ACL and enable it to line conf mode
#conf t
#line vty 0 4
#access-class access-list-number {in | out}
Thanks
Goutam
***Please use rateing sys***
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: