02-18-2014 08:35 AM - edited 03-07-2019 06:16 PM
Hi,
I have a Cisco 4500x, connected and configured the management interface fa1.
I can ping, telnet, ssh and so on, and configured the vrf.
I want to restrict access to vty, so I use the default access-class on the vty.
I do that, I lose connections to the cisco 4500x remotely, telnet, ssh does not go through.
Access-list is ok and I can even see the match on the access-list
access-list 120 permit ip host <mypc> <mgt_ip_4500x>
However all connections are blocked.
Can anyone help please.
Thanks
Solved! Go to Solution.
02-18-2014 09:12 AM
If the interface is in a VRF I think you will need the access-class x in vrf-also command to make it apply to interfaces in VRF as well.
Daniel Dib
CCIE #37149
Please rate helpful posts
02-18-2014 09:12 AM
If the interface is in a VRF I think you will need the access-class x in vrf-also command to make it apply to interfaces in VRF as well.
Daniel Dib
CCIE #37149
Please rate helpful posts
02-18-2014 11:26 PM
Excellent, it works fine with the vrf-also.
Just to point out works only with standard acl.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide