I have not done a whole lot of access-lists before.
I have Cisco 3560 switch and I need to add an access-list. Basically I have six servers that are logged into remotely:
Users are able to SSH to the servers from the Corporate LAN. However, when people get to the servers I need to make sure they get locked down. Once logged in, I don't want them to be able to SSH, Telnet, or FTP from those boxes to another part of the network. I don't care if they monkey around on the actual subnet, but I just don't want them to be able to source SSH/FTP/Telnet from those boxes to another part of the network.
Understanding that SSH is used to reach the servers, how can I (or can I) lock this down with an access-list.
Thanks in advance for any help you can provide.