cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
307
Views
0
Helpful
1
Replies
Highlighted
Beginner

Restrict SSH access to a interface

Topology:

Client <---> L2 <---> L3 <---> R1 <--- GRE ---> R2 <---> L3 <---> L2 <---> Client

The L3 is used as gateway on each VLAN, and is therefor doing intervlan routing.

VLAN topology on left side:

VLAN 10 - Client - 10.10.1.x

VLAN 20 - Server - 10.20.1.x

VLAN 30 - Voice - 10.30.1.x

VLAN 40 - MGT - 10.40.1.x

VLAN topology on left side:

VLAN 10 - Client - 10.10.2.x

VLAN 20 - Server - 10.20.2.x

VLAN 30 - Voice - 10.30.2.x

VLAN 40 - MGT - 10.40.2.x

Problem:

The L3 can be accessed with SSH on all the ip adresses assigned to the switch.

How can i restrict that access, so it only can be done on the ip adresse in VLAN40??

Any client should be able to SSH to any switch.

Things Tryed:

I have tryed adding a access-list on the left L3

access-list 99 permit 10.40.1.0 0.0.0.255

and assigning it to the VTY line.

line vty 0 4

access-class 99 in

Resulting in a connection refused on all addresses.

1 REPLY 1
Beginner

Restrict SSH access to a interface

a gentle bump, in the hope that some guru will see it.

CreatePlease to create content
Content for Community-Ad
July's Community Spotlight Awards