Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

I cannot ssh in line vty 0 4 ( access-class xxx in )

ip access-list extended BLOCK
 permit tcp host 10.10.10.2 any eq 22
 deny tcp any any eq 22 (work)

But, 
ip access-list extended BLOCK
 permit tcp host 10.10.10.2 host 10.10.10.1 eq 22
 deny tcp any any eq 22 (not work) when i apply vty
 

 

1 REPLY
VIP Purple

When binding the access-list

When binding the access-list with an access-class to a router/switch-line, then the destination has to be "any". It's not allowed to have a different destination specified (like your "host 10.10.10.1").


--
Don't stop after you've improved your network! Improve the world by lending money to the working poor: http://www.kiva.org/invitedby/karsteni
437
Views
0
Helpful
1
Replies
CreatePlease to create content