07-28-2006 10:45 PM - edited 03-03-2019 01:29 PM
If I was required to log all the telnet session to router R1 comming from outside with the following network topology:
outside -------(S0/0, IP addr 11.1.1.1) R1 (e0/0)-----inside
1: interface s0/0
ip access-group Incoming in
ip access-list extended Incoming
permit tcp any 11.1.1.1 eq telnet log
permit ip any any
2: line vty 0 4
access-class incoming
ip access-list standard incoming
permit any log
Which way is correct? Or both are correct?
thanks
Solved! Go to Solution.
07-28-2006 11:49 PM
Number two will also log telnet from internal since the access-list is applied on the VTY, and the access-list permits all. In other words, it would log telnet coming from e0/0 or inside too. so, it does not meet the requirement.
Please rate helpful posts.
07-28-2006 11:49 PM
Number two will also log telnet from internal since the access-list is applied on the VTY, and the access-list permits all. In other words, it would log telnet coming from e0/0 or inside too. so, it does not meet the requirement.
Please rate helpful posts.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide