My question is that when I apply this command on R1 'ip telnet source-interface vlan 99' and from the neighbor router, R2 i still can establish telnet session to R1 by telnetting to R1 on vlan 100.
The configs on R1 looks as follows :-
ip telnet source-interface vlan 99
int vlan 99
description Mgmt vlan
ip add 172.16.96.96.1 255.255.255.240
int vlan 100
description Inner Rail
ip add 172.16.96.113 255.255.255.240
line vty 0 15
My undertanding to this is that R2 will only be able to connect to R1, via vlan 99 only and not vlan 100. So why is it that I can access R1 via vlan 100 ?
- InternetB -
Well it can be useful if you need to lock down access to and from devices with access-lists for example. Often on a router you would use a loopback IP address as the telnet source interface.
Also when a router has multiple interfaces some of the IP addresses may not be routable throughout your network so you can pick one of the addresses that can be routed anywhere by specifying it with the source interface command.