Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1196
Views
0
Helpful
3
Replies

linevty and mgmt interface

Arjun Dabol
Level 1
Level 1

‎08-23-2017 05:04 AM - edited ‎03-08-2019 11:48 AM

Hi

 

I have a 6800 switch and it has mgmt 0 interface.

 

I want to disable line vty completely (telnet and ssh both) and just want to allow access via this int. mgmt 0.

can someone tell what config needs to be done for this on 6800 ?

 

thanks

Labels:
0 Helpful
3 Replies 3

Leo Laohoo
Hall of Fame
Hall of Fame

‎08-23-2017 05:13 AM

You still need VTY but put an ACL to only allow access via the Management port subnet.
0 Helpful

Mark Malone
VIP Alumni
VIP Alumni
In response to Leo Laohoo

‎08-23-2017 05:22 AM

and to add to Leos point souce all the traffic from the mgmt going outbound too for mgmt protocls that you have in use

 

ip tacacs source-interface

logging source-interface
ntp source

ip tftp source-interface
ip ssh source-interface
snmp-server source-interface informs

0 Helpful

Arjun Dabol
Level 1
Level 1
In response to Leo Laohoo

‎08-24-2017 02:38 AM

Thankyou . 

 

Ok so in my case I have a router with mgmt interface (int mgmt 0) with ip address 192.168.1.1 

Now I want that my network administrator sholuld telnet in to the router using only this int mgmt IP and Not any other loopback OR interface IP configured on the router ? So where exactly i configure this ACL and apply ?

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card