Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Accesslist

Hi,

I want to block telnet access in our internet router for that iwant to configure a accesslist in that router what is the command i want use for implimenting this.

access-list 101 deny ip <source add><source wild mask> <destination add><desti wild mask> eq 23

is this command right if there is any mistake plese inform me.

Thanks & Regards

Sham

3 REPLIES
Cisco Employee

Re: Accesslist

Hi,

If you want to block anyone connecting via telnet to your router, You can simply use a standard ACL and apply the same under line vty 0 -4. This will block telnet from specified source addresses. EX below,

access-list 1 deny any

line vty 0 4

access-class 1 in

If the ultimate device ( the one where you want users not to be connected via telnet) is within your network. Your command is right.

HTH,

Nagendra

Re: Accesslist

Hi,

For example, you only allow 192.168.1.1 telnet access to your router and block all other IPs

!

ip access-list standard VTY

permit 192.168.1.1

!

line vty 0 4

access-class VTY in

exec-timeout 15 0

transport input telnet

!

end

Regards,

Dandy

Re: Accesslist

Hi,

As per Cisco:

To restrict incoming and outgoing connections between a particular vty (into a Cisco device) and the addresses in an access list, use the access-class command in line configuration mode. To remove access restrictions, use the no form of this command.

*Simply u can configute a Standerd ACL and enable it to line conf mode

#conf t

#line vty 0 4

#access-class access-list-number {in | out}

Thanks

Goutam

***Please use rateing sys***

163
Views
0
Helpful
3
Replies