12-06-2014 11:53 PM - edited 03-05-2019 12:18 AM
Hi ,
Please help ....how can i secure to my Internet router [connected with ISP-Edge Router-Cisco 2900] as when i check that who are login in my router then showing maximum china IP's login in my router.
I am also login in this router from remotely so I Cant block telnet or SSH so how can i protect with unwanted login.
Regards,
Ravinder Bora
Solved! Go to Solution.
12-07-2014 07:09 AM
There are a few ways to go about this. The simplest is to cut off all telnet access and secure SSH access so that it can only be accessed from your location. Something like this will work:
ip access-list extended ACL_WAN permit tcp host x.x.x.x any eq 22 deny tcp any any range 22 23 permit ip any any ! interface GigabitEthernet0/0 (or whichever your WAN is) no ip unreachables no ip redirects ip access-group ACL_WAN in
Replace x.x.x.x with the address that you're managing this from and everyone else will be locked out.
12-07-2014 07:09 AM
There are a few ways to go about this. The simplest is to cut off all telnet access and secure SSH access so that it can only be accessed from your location. Something like this will work:
ip access-list extended ACL_WAN permit tcp host x.x.x.x any eq 22 deny tcp any any range 22 23 permit ip any any ! interface GigabitEthernet0/0 (or whichever your WAN is) no ip unreachables no ip redirects ip access-group ACL_WAN in
Replace x.x.x.x with the address that you're managing this from and everyone else will be locked out.
12-07-2014 11:02 AM
If you really need to login from outside random IPs, then you can:
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide