06-24-2009 06:54 AM - edited 03-21-2019 01:14 AM
What is the easiest and/or best way to disable telnet and SSH access to the WAN port on the UC500?
06-24-2009 07:42 AM
The Faste 0/0 WAN Interface has an ACL put there by CCA, usually 104.
While it allows VPN connections (if you set up the VPN Server on the UC500 - also using CCA) it blocks TELNET and SSH by not explicitly permiting those ports 23 and 22, so they fall to the deny any any (last ACL statement).
So maybe nothing to do if using CCA. If not using CCA, build one, but build it as ACL 150 or higher so if you ever do connect CCA, it will respect it.
06-24-2009 03:52 PM
If you are using CCA, the presence or absence of pinholes in the firewall for telnet/ssh is controlled by the Configure > Device Properties > Device Access screen. As Steve says, these default to no access.
Cheers,
Dave.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide