06-24-2013 09:10 PM - edited 03-07-2019 02:03 PM
I do understand that we can use ACLs to deny / permit telnet / ssh traffic by configuring extended ACLs with port numbers.
What I'm trying to know is when we configure transport input ssh on vty lines, it allows only ssh, but not telnet.
Take a scenario where I have 3 routers connected by a switch. I would allow one router R3 to only telnet to R1 while other R3 to telnet and ssh to R1.
Please let me know how to do this?
06-24-2013 09:57 PM
Sagar,
This is recorded on the following link below:
http://www.freeccnaworkbook.com/workbooks/ccna/configuring-the-vty-lines-access-control-list
HTH
Regards
Inayath
*Please rate if this info is helpful.
06-30-2013 09:11 AM
Thank you
06-24-2013 11:06 PM
Hi,
Let's suppose R1 is 10.0.0.1 and R2, R3 are respectively 10.0.0.2 and 10.0.0.3
On R1:
ip access-list extended VTY_ACCESS
 ! Block SSH (TCP port 22) from R3 to R1
 deny tcp host 10.0.0.3 host 10.0.0.1 eq 22
 ! Everything else, including Telnet from R3, is permitted
 permit ip any any
!
interface FastEthernet0/0
 ip access-group VTY_ACCESS in
!
line vty 0 4
 transport input telnet ssh
Regards
Alain
Don't forget to rate helpful posts.
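An added example, not part of the original posts: a small Python model of the VTY_ACCESS list above that applies first-match evaluation with the implicit deny, to check which management protocols R2 and R3 can reach on R1. The helper names evaluate and reachability are hypothetical, and the tuple layout is a simplification of the IOS entries.

```python
import ipaddress

# The ACL from the answer above as (action, protocol, source, destination, dst_port).
# A port of None means "any port". TCP 22 is SSH, TCP 23 is Telnet.
VTY_ACCESS = [
    ("deny", "tcp", "10.0.0.3/32", "10.0.0.1/32", 22),
    ("permit", "ip", "0.0.0.0/0", "0.0.0.0/0", None),
]


def evaluate(acl, proto, src, dst, dport):
    """Return the action of the first entry that matches the packet.

    Entries are checked top to bottom; a packet that matches no entry
    falls through to the implicit deny at the end of the list.
    """
    for action, a_proto, a_src, a_dst, a_port in acl:
        if a_proto != "ip" and a_proto != proto:
            continue
        if ipaddress.ip_address(src) not in ipaddress.ip_network(a_src):
            continue
        if ipaddress.ip_address(dst) not in ipaddress.ip_network(a_dst):
            continue
        if a_port is not None and a_port != dport:
            continue
        return action
    return "deny"


def reachability(acl, routers, target):
    """Map each router name to the management protocols the ACL lets through."""
    services = (("telnet", 23), ("ssh", 22))
    return {
        name: [svc for svc, port in services
               if evaluate(acl, "tcp", addr, target, port) == "permit"]
        for name, addr in routers.items()
    }


if __name__ == "__main__":
    routers = {"R2": "10.0.0.2", "R3": "10.0.0.3"}  # addresses from the thread
    for name, allowed in reachability(VTY_ACCESS, routers, "10.0.0.1").items():
        print(name, "->", allowed)
```

The deny entry names 10.0.0.1 as the destination, so it only covers that address of R1; entry order also matters, because placing permit ip any any first would leave the deny unreachable.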
06-30-2013 09:10 AM
Thanks Alain, that was helpful