Solved: I need some assitance on disabling Telnet using ACLs

Bimsara · ‎11-09-2019

Hi Everyone,

I have tried multiple times to disable telnet using acls but i could still telnet from the pc, i have attached all my configurations,

Any help would be great! thank you.

Georg Pauwen · ‎11-09-2019

Hello,

you need to apply an access list to your VTY lines.

In the sample config below, you would deny TELNET access from all hosts on your network, and allow anyone else.

access-list 1 deny 192.168.2.0 0.0.0.127
access-list 1 permit any
!
line vty 0 15
access-class 1 in

View solution in original post

luis_cordova · ‎11-09-2019

Hi @Bimsara

Try this:

access-list 10 deny any

line vty 0 4

access-class 10 in

Regards

Georg Pauwen · ‎11-09-2019

Hello,

you need to apply an access list to your VTY lines.

In the sample config below, you would deny TELNET access from all hosts on your network, and allow anyone else.

access-list 1 deny 192.168.2.0 0.0.0.127
access-list 1 permit any
!
line vty 0 15
access-class 1 in

balaji.bandi · ‎11-09-2019

As per your request, you want to deny only certain IP address range @Georg PauwenPauwen suggestions works as expected.

if you deny any, all will be dropped, and you have the only option is console.(SSH still works though)

If you looking to disable telnet and enable SSH only ( as good practice - telnet is not secure)

line vty 0 4
transport input ssh

make sure you create a username and password.

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Leo Laohoo · ‎11-09-2019

To all concerned,
It is very clear this thread is school work.
Help the students learn: Post the links to documents and configuration guides.
Please refrain from handing out answers.