09-28-2009 09:51 AM - edited 03-04-2019 06:11 AM
Found this in my router:
Extended IP access list sl_def_acl
10 deny tcp any any eq telnet log
20 deny tcp any any eq www log
30 deny tcp any any eq 22 log
40 permit ip any any log
I did not add this and I cannot get rid of it.
Any ideas?
It does not show up in sh run either. It is almost like a self-aware threat that added the ACL but now I cannot get rid of it.
09-28-2009 10:35 AM
Hello.
It is an automatic ACL that is applied when you configure the new IOS login enhancements.
This link has all the information you need:
http://blog.ioshints.info/2006/12/cisco-ios-login-enhancements.html
Kind Regards
Simon
09-28-2009 11:18 AM
Any idea how to get rid of it?
09-29-2009 08:14 AM
Hi.
The options you have are to either remove the enhanced login config or create a quiet mode ACL of your own:
login quiet-mode access-class [ACL]
This will overwrite the sl_def_acl with a more meaningful name.
However, don't feel you have to get rid of it; it is correct in being there.
Simon
09-29-2009 08:49 AM
It is correct but I cannot telnet to my router so I need to either get rid of it or use something else so I can log in.
09-30-2009 12:56 AM
Hello.
Seeing this ACL does not necessarily mean it is applied to the VTY line. It is only applied when the IOS login enhancements enter silent mode.
If you remove all your enhanced login commands does telnet work?
If no, then you need to troubleshoot the telnet problem like normal and disregard the ACL you are concentrating on.
If yes, then you need to give us more information like
1) 'show login' (during problem)
2) 'show login failures' (during problem)
3) all the login commands you have configured
4) the line vty configuration
Simon
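As an added example (not from any of the posts above), here is how the quiet-mode ACL Simon mentions can be supplied explicitly so that the quiet-mode lockout cannot cut off a known management host the way the default sl_def_acl does; the ACL name, the host address 192.0.2.10 and the block-for timings are assumptions chosen for illustration.

```cisco
! Default behaviour: once login block-for trips into quiet mode, IOS applies
! sl_def_acl to the VTY lines, which denies telnet, www and port 22 from
! everyone, including the administrator.
!
! Custom quiet-mode ACL (assumed name and address): still admit one trusted
! management host during quiet mode, log everything else that is refused.
ip access-list extended MGMT-QUIET-ACL
 permit tcp host 192.0.2.10 any eq 22 log
 permit tcp host 192.0.2.10 any eq telnet log
 deny tcp any any eq telnet log
 deny tcp any any eq www log
 deny tcp any any eq 22 log
 deny ip any any log
!
! Login enhancements: 3 failed attempts within 60 seconds blocks logins for
! 120 seconds (quiet mode). The access-class line replaces sl_def_acl.
login block-for 120 attempts 3 within 60
login quiet-mode access-class MGMT-QUIET-ACL
login on-failure log
login on-success log
!
! VTY lines: prefer SSH over telnet; authenticate against local accounts.
line vty 0 4
 login local
 transport input ssh
```

While the router is in quiet mode, `show login` reports the remaining quiet time and the ACL in force, and `show login failures` lists the source addresses that triggered it.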