Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1176
Views
0
Helpful
3
Replies

ssh restriction

paul.tim681
Level 1
Level 1

‎04-28-2012 01:24 AM - edited ‎03-04-2019 04:11 PM

Hi

Two users are locally created on cisco 2801 router and need to restrict ssh access to a specific user only and one public ip.

username cisco password cisco

username cisco1 password 123456

public ip 123.123.123.123

Can anyone guide me

cheers

Paul

Labels:
0 Helpful
3 Replies 3

Dan-Ciprian Cicioiu
Level 7
Level 7

‎04-28-2012 01:38 AM

Hi Paul ,

I do not think that you can do it per user, but globaly. You can try :

ip access-l stan VTY

permit host 123.123.123.123

line vty 0 15

transport input ssh

access-class VTY in

The access-list should contain all the IPs where you accept the remote connections.

The "transport input" will set the permited input management connections, on VTYs.

Dan

0 Helpful

paul.tim681
Level 1
Level 1
In response to Dan-Ciprian Cicioiu

‎04-28-2012 02:04 AM

I knew for IP restrictive access but restrictive access for username I am not aware

0 Helpful

paolo bevilacqua
Hall of Fame
Hall of Fame
In response to paul.tim681

‎04-28-2012 04:32 AM

You can use a Radius server that. When it sees the request coming from certain networks for a certain username, it will allow or deny access.

That will require writing some advanced radius config, and in practice is probably not a real necessity.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card