Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

Securing Telnet

How do I disable telnet sessions from the wan adapter but allowing telnet access from the lan network.

2 ACCEPTED SOLUTIONS

Accepted Solutions
Bronze

Re: Securing Telnet

Two ways.

1) Add an ACL to your WAN interface

ip access-list ext InboundACL

deny tcp any any eq telnet

permit ip any any

int s 1/0

access-g InboundACL in

2) Create an ACL and apply it to the Line VTY.

access-list 10 permit 10.1.1.0 0.0.0.255

line vty 0 4

access-class 10 in

That should do it for a rough sketch, although you'll need to modify for your environment. I would recommend disabling telnet altogether and going with SSH, too.

Hope this helps, rate if it does,

JB

Green

Re: Securing Telnet

VTY is short for "Virtual Terminal" (old system name for terminals is TTY).

VTY handles Telnet and SSH (for IOS that supports SSH)

Line Console is the serial port on the front.

Good Luck

Scott

3 REPLIES
Bronze

Re: Securing Telnet

Two ways.

1) Add an ACL to your WAN interface

ip access-list ext InboundACL

deny tcp any any eq telnet

permit ip any any

int s 1/0

access-g InboundACL in

2) Create an ACL and apply it to the Line VTY.

access-list 10 permit 10.1.1.0 0.0.0.255

line vty 0 4

access-class 10 in

That should do it for a rough sketch, although you'll need to modify for your environment. I would recommend disabling telnet altogether and going with SSH, too.

Hope this helps, rate if it does,

JB

Community Member

Re: Securing Telnet

I think i'm wrong on this issue but isn't the VTY the serial inerface? I wanted access from my internal network without plugging a cables into a special port.

Green

Re: Securing Telnet

VTY is short for "Virtual Terminal" (old system name for terminals is TTY).

VTY handles Telnet and SSH (for IOS that supports SSH)

Line Console is the serial port on the front.

Good Luck

Scott

141
Views
5
Helpful
3
Replies
CreatePlease to create content