We have recently installed a C2951 router running 15.0(1) IOS version. However, we have a problem configuring VTY ACL. While trying to login to the router via SSH, the VTY ACL has some matches regarding the SSH client IP address, but the router refuses the SSH connection when the "VTY_ACL" standard named ACL is configured on line vty (marked with red color). If no VTY ACL has assinged to the router line vty, the SSH connection is OK.
The current configuration seems to be OK, see below:
[There is some AAA configuration, including TACACS+ and finally the local auth at the end of the sequence list.)
line vty 0 4
access-class VTY_ACL in
timeout login response 10
transport preferred none
transport input ssh
transport output ssh
ip access-list standard VTY_ACL
permit [host IP]
permit [subnet range] 0.0.0.255
Could someone help us to solve this problem? Does anybody have any experience about this issue?
Thanks in advance!