How do I setup a Dynamic ACL, yet still allow ssh/telnet access to the router ?
Tried L&K on line vty 0 via ssh, and it works fine... I provide my username and password, then it drops the connection and starts the dynamic acl. The problem is I want to be able to ssh into the router normally to configure it.... but since L&K controls vty 0, I can't get in !?
The concept of dynamic ACLs itself to authenticate through Telnet session to create Temporary ACL entries and IMMEDIATELY terminates the session. So the behavior which you experienced is by it's design.
One option which I can think of is to serve your purpose is...
Each VTY port also have specific port number (just like TTY ports connected to Cisco AS2511-RJ router to have OOB access) and you can configure dynamic ACLs for some VTY ports (say, VTY 0 to 3) and plain configuration for any of remaining ports (say VTY 4). So that, you can login indefinitely by telnetting into VTY 4 with that particular port number which varies from model to model.
But this also have a disadvantage that dynamic ACLs won't be effective if you have connected into this Telnet session by default in future.
With best regards...
Pls kindly rate if helpful or answered your question.
This is actually a pretty cool feature, i didn't even know it existed until I was looking for a solution to advertise a subnet (prefix in BGP talk), only if a certain condition existed. This is exactly what conditional advertisements does
j ai une question j ai achete un routeur cisco 887VA-k9 , je le configuré avec la configuration ci- dessous
si je le lier avec mon pc portable sur l un de ses ports directement ça marche toute est bien ( la connexion internet + m...
Attached policy provides CLI access to the Cisco 4G router over text messaging. Two files are in the attached .tar file:
2. PDF with instructions on how to load and use the .tcl file.