Cisco Community
English
Register
New Cisco Community "Meet the Authors" Program: LEARN MORE
Register
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

257
Views
0
Helpful
0
Replies
Highlighted
Daniel Anderson
Daniel Anderson Beginner
Beginner
‎01-22-2019 04:18 AM
‎01-22-2019 04:18 AM

Nexus5548 - Login Block - Odd ACL/VTY behavior

We're running 5548 Switches within our Data Centre, with login block configured as per the lines below. 

 

login block-for 900 attempts 5 within 30
login quiet-mode access-class 15

 

We're also running another ACL, which is configured on the VTY lines on each Switch. What we're seeing is that when quiet mode feature of login block is activated, ACL 15 is applied to the VTY, as expected. Now at the end of the 900 seconds of the quiet mode period, ACL 15 is removed from the VTY, but the original ACL is not re-applied, which from a security perspective is not great.

 

Appreciate we're running quite an old version of code - 7.2(0)N1(1) - But has anyone seen any similar such similar behavior? I'm planning to upgrade some Switches to try and resolve, as I expect it to be some sort of bug behavior but wanted to see if others had experienced similar issues in the past

 

Thanks

Everyone's tags (2)
0 Helpful
Reply
Latest Contents
16.12.2 Beta Release for Routing Platforms
Created by ramakkr2 on 10-23-2019 12:30 PM
0
0
0
0
Enterprise Routing Business Unit is glad to announce Beta release 16.12.2 for all Routing Platforms such as ASR1K, ISR1K, ISR4K, ISRv, CSR1K Platforms. This release is made available to allow users to test, evaluate and share fee... view more
Meet the Authors Event - Peter Paluch, Co-author of CCIE Rou...
Created by Cisco Moderador on 10-22-2019 05:05 PM
0
0
0
0
Meet the Authors Event - Peter Paluch, Co-author of CCIE Routing and Switching v5.0 Official Cert Guide, Volume 1 (Live event – Wednesday, October 30th, 2019 at 10:00 a.m. Pacific / 1:00 p.m. Eastern / 6:00 p.m. Paris) This will have place on Wednesday 30... view more
How to configure ENCS LAN Switch connectivity
Created by kramesh on 10-20-2019 08:11 AM
0
5
0
5
ENCS 5400 is a purpose built compute platform for branch networking. Multiple VNFs (virtual network functions) can be hosted in the ENCS platform with flexible connectivity options.   There are multiple Layer2 software and hardware entities in a typi... view more
Cisco SD-Access Layer2 flooding
Created by dbellamk on 10-19-2019 05:03 PM
0
5
0
5
    <script src="//cdnjs.cloudflare.com/ajax/libs/html5shiv/3.7.3/html5shiv-printshiv.min.js"></script> Layer2 Flooding Cisco SD-Access fabric provides many optimizations to improve unicast traffic flow, and to reduce the unnec... view more
Restricting router from connecting with some vlans
Created by arontig on 10-18-2019 07:39 PM
4
0
4
0
how do we restrict a router interfaces from directly connected to Some vlans? can any one help me to figureout?the question is Router should not have interfaces directly connected to Vlan 30 and Vlan 40
CreatePlease to create content
Discussion
Blog
Document
Video
Content for Community-Ad
July's Community Spotlight Awards