Solved: Re: ACL telnet - Cisco Community

527

Views

0

Helpful

1

Replies

I have an end-router which is connected with a network which i don't control it. I want to secure the telnet access from that network to the rest of my network so i creat an extended ACL :

access-list 101 deny tcp any any eq telnet

access-list 101 permit tcp any any

access-list 101 permit ip any any.

I put the access list in the interface like that:

int s0/0

access-group 101 in

Did i do that right? Do i need to permit also ip and tcp . Is there a better way?

Thanks

moses

1 Accepted Solution

Accepted Solutions

Hi,

the following is enough, permit ip any any does it for you, it means any thing.

access-list 101 deny tcp any any eq telnet

access-list 101 permit ip any any

HTH,

Mohammed Mahmoud.

View solution in original post

1 Reply 1

Hi,

the following is enough, permit ip any any does it for you, it means any thing.

access-list 101 deny tcp any any eq telnet

access-list 101 permit ip any any

HTH,

Mohammed Mahmoud.

Learn, share, save

Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.

New here? Get started with these tips. How to use Community New member guide

Log in to Community

Review Cisco Networking for a $25 gift card