Hi,
The usual method of restricting telnet access to a router is to configure an access-list which permits only trusted source IP addresses and then apply it to the vty lines on the router.
For example
access-list 1 permit 200.1.1.0 0.0.0.255
!
line vty 0 4
access-class 1 in
With the above config, only hosts with an IP address in the 200.1.1.0/24 network will be allowed to telnet into the router. All other hosts will be denied.
Hope that helps - pls rate the post if it does.
Paresh