Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
275
Views
0
Helpful
1
Replies

which solution is correct?

Go to solution
att-sgcops
Level 1
Level 1

‎07-28-2006 10:45 PM - edited ‎03-03-2019 01:29 PM

If I was required to log all the telnet session to router R1 comming from outside with the following network topology:

outside -------(S0/0, IP addr 11.1.1.1) R1 (e0/0)-----inside

1: interface s0/0

ip access-group Incoming in

ip access-list extended Incoming

permit tcp any 11.1.1.1 eq telnet log

permit ip any any

2: line vty 0 4

access-class incoming

ip access-list standard incoming

permit any log

Which way is correct? Or both are correct?

thanks

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Roberto Salazar
Level 8
Level 8

‎07-28-2006 11:49 PM

Number two will also log telnet from internal since the access-list is applied on the VTY, and the access-list permits all. In other words, it would log telnet coming from e0/0 or inside too. so, it does not meet the requirement.

Please rate helpful posts.

View solution in original post

0 Helpful
1 Reply 1

Go to solution
Roberto Salazar
Level 8
Level 8

‎07-28-2006 11:49 PM

Number two will also log telnet from internal since the access-list is applied on the VTY, and the access-list permits all. In other words, it would log telnet coming from e0/0 or inside too. so, it does not meet the requirement.

Please rate helpful posts.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card