To control who can telnet into the box, you need to create an ACL which defines which source IP can telnet into the box and then you need to associate the ACL with the vtys.
! ACL to control telnet access
! Only permit telnet access from the 192.168.2.0/24 network
access-list 23 permit 192.168.2.0 0.0.0.255
line vty 0 4
! ACL associated with the vtys
access-class 23 in
And now only those specified by ACL 23 can telnet into the box. Instead of the Network/Wildcard you can use 'access-list 23 permit host 192.168.2.20' to allow a single host.
The 'show version' command should yield a line that's something like :
"IOS (tm) C1700 Software (C1700-K9O3SY7-M), Version 12.3(1), RELEASE SOFTWARE (fc3)"
The C1700-K9O3SY7-M tells you which features are included in the software. If you see the letters 'k2' the software has VPN with 3DES encryption and if you see '56i' it has VPN with 56bit DES encryption.
If your software contains the IOS firewall feature (CBAC) you can view it's configuration using the following command:
sh ip inspect [ all | config | interfaces | name | sessions [detail]]
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in HA
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationCo...
I am currently unable to specify "crypto keyring" command when configuring VPN connection on my cisco 2901 router.
The following licenses have been activated on my router :