cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
328
Views
3
Helpful
2
Replies

ip receive access-list

ryancisco01
Level 1
Level 1

Hi trying to add this command to an asr1k but its not taking it:

ip receive access-list xx

The command is listed in the ISO XE best practises guide, if its not supported on this platform is there a better way to restrict management access to all self IP's on the device? Currently the problem is, if a new interface is added it will be accessible via ssh unless someone specifically adds it to an acl. (VTY access class only seems to support one acl, but we use both ipv4 and ipv6 so I we cannot mix the two in one acl)

2 Replies 2

RAdamWilliams
Level 1
Level 1

I tested this on a 9300 so your milage may vary but under line vty there is also 'ipv6 access-class <name> in'

Giuseppe Larosa
Hall of Fame
Hall of Fame

Hello @ryancisco01 ,

the IP receive ACL is an old feature that was used before introduction of CoPP Control Plane Policing

Hope to help

Giuseppe

 

Review Cisco Networking for a $25 gift card