There are 2 ways that you can do it. You can set up a rotary on the line, but this restricts you to 30xx or 70xx and doesn't allow 9000 as far as I know. The other way is to set up nat for destinations to tcp/23
ip nat inside source static tcp 23 interface 9000
The above would work whenever it sees port 9000 inbound to the public side interface (you'd want to obviously fix the direction that you'd need)
The other way is the rotary method. Say that you're okay with 7034 as a port. You'd create an acl and then apply it to the line:
access-list 123 permit tcp any any 7034
line vty 0 4
access-class 123 in
I would recommend disabling telnet if you can though. If not, use non-dictionary passwords, set login retries, set account lockouts, etc.
Also, moving a port from telnet won't hide from an attacker. Port scanners will still find it...
You can set up a rotary. Whatever number you choose for your rotary will be appended to ports 3000 and 7000. So, you can use 34 for 3034 and 7034, 56 for 3056 and 7056, etc. Then you would create and acl that permits only the port that you want to use. Creating an acl for this will not affect the cpu at all.
Listen: https://smarturl.it/CCRS8E37Follow us: twitter.com/ciscochampionSometimes, situations require temporary fixes. Sometimes, the network becomes an afterthought in overall office design and planning. In either situation, it may require netw...
In this special edition of the Insider Series, we hear from Cisco partners who have taken steps to be more eco-friendly and sustainable. We hear what inspires ASHRAE, Southwire, Igor, and NTT to create a workplace that is centered around people and how th...
We know that the Type-1 LSA describes the link type connected to the router, the neighbor router and the subnet number.In this topology, assume we dont have a Type-2 LSA, so each router will create its own Type-1 LSA, the Type-1 LSA will describe the neig...
Here are some commonly asked questions and answers to help with your adoption of Cisco DNA Center Wireless. Subscribe to this post to stay up-to-date with the latest Q&A and recommended Ask the Experts (ATXs) sessions to attend.
Q. I have a Cisco Appl...
Why IETF changed and inverted OSPF Type-7 LSA VS Type-5 LSA election In RFC 3101 compared to OLD RFC 1587?Many people learns that the Type-7 LSA and Type-5 election (ON Versus OE routes) depends on RFC 3101 for NSSA published in 2003 and RFC 1587 for NSSA...