Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

VTY - Extended ACL with destination address

Hi,

Is it possible to apply extended ACL to vty lines with specific destination address on Cat6500 12.2(33).

I have noticed that destination address is not effective even though it allows to configure.

3 REPLIES
Hall of Fame Super Bronze

Re: VTY - Extended ACL with destination address

You are allowing/denying access to the VTY lines.

VTY lines have no IP address so what's the benefit to include the destination?

If you want to allow/deny telnet via some interfaces, you need to implement the ACL on those interfaces (source/destination) if needed.

HTH,

__

Edison.

Community Member

Re: VTY - Extended ACL with destination address

Thanks.

So does it mean, I would need to allow access at two points (in case of allowance). 1) permit source on the vty via access-class 2) permit source on specific destination interface (SVI) on the interface access-list.

Please correct me if I am wrong.

Hall of Fame Super Bronze

Re: VTY - Extended ACL with destination address

Correct.

384
Views
4
Helpful
3
Replies
CreatePlease to create content