Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1903
Views
0
Helpful
1
Replies

Turn off telnet access to CatOS based switch

rashad_cisco
Level 1
Level 1

‎08-26-2011 02:49 AM - edited ‎03-07-2019 01:54 AM

Hi everybody,

There is some issue with catos based or set based WS-C2948 , ver 8.4(11.0)GLX switch. I need to turn off telnet access and only permit ssh acces to switch. I used the following commands :

clear ip permit 10.0.100.0 255.255.255.0  telnet

set ip permit disable telnet

set crypto key rsa 1024

set ip permit enable ssh

set ip permit 10.0.100.0 255.255.255.0  ssh

but i can still   access through telnet to this switch . Authentication to remote access performed on tacacs server:

set authentication login tacacs enable telnet primary 

but this command cant me allow separatly chose tacacs only for ssh. See below:

PLZ-ASW101> (enable) set authentication login tacacs enable ?

  all                        All supported sessions below

  console                    Console session

  http                       Remote web sessions (http)

  primary                    Specify as primary source

  telnet                     Remote cli sessions (telnet, ssh)

Please advise how to resolve this issue.

Thank in advance,

BR,

Rashad

Labels:
0 Helpful
1 Reply 1

glen.grant
VIP Alumni
VIP Alumni

‎08-26-2011 05:00 AM

   You have turned off the ip permit list so it is not currently restricted so you would be able to telnet to it .  Turn ip permit back on for telnet  and remove the permit list entry .   If there is no permit list entry it is denied.

clear ip permit 10.0.100.0 255.255.255.0  telnet

set ip permit enable telnet

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card