I am trying to lock down a Nexus 1110 to only allow specific hosts access via VTY.
I have created the access-list, however there does not appear to be an option to apply the list to the VTY lines.
Here is what I mean:
IP access list SNMP_RO/SSH
10 permit ip x.x.x.x/32 y.y.y.y/32
HOST1(config-line)# ? exec-timeout Configure exec timeout no Negate a command or set its defaults session-limit Set the max no of concurrent vsh sessions end Go to exec mode exit Exit from command interpreter pop Pop mode from stack or restore from name push Push current mode to stack or save it under name where Shows the cli context you are in
I am guessing that class-maps might be the way forward, but want to understand if there are other options?
loader: version unavailable [last: loader version not available]
kickstart: version 4.2(1)SP1(5.1a)
system: version 4.2(1)SP1(5.1a)
kickstart image file is: bootflash:/nexus-1010-kickstart-mz.4.2.1.SP1.5.1a.bin
system image file is: bootflash:/nexus-1010-mz.4.2.1.SP1.5.1a.binSoftware loader: version unavailable [last: loader version not available] kickstart: version 4.2(1)SP1(5.1a) system: version 4.2(1)SP1(5.1a) kickstart image file is: bootflash:/nexus-1010-kickstart-mz.4.2.1.SP1.5.1a.bin kickstart compile time: 10/25/2012 11:00:00 [10/25/2012 21:52:53] system image file is: bootflash:/nexus-1010-mz.4.2.1.SP1.5.1a.bin
Cisco Workload Optimization Manager (CWOM)
Continuously Assure Application Performance at Any Scale
Webinar: Wednesday, October 23rd at 11am ET
Today’s applications utilize traditional virtualization platforms as well as newer DevOps meth...
To participate in this event, please use the button to ask your questions
This special event - formerly known as Ask the Expert- is open only to Cisco Customers and Partners.
Many pages in the Cisco Community are acce...