Hi,
I am currently looking to achieve the following in terms of remote access to my network estate:
* restrict external VTY access from management platforms & customer appliances
* allow unrestricted 'internal' communication (using the local device as a 'jump-off' essentially)
* separate customer appliance traffic and NOC traffic (perhaps using rotary configuration)
Ideally I would like to reserve lines 0-4 for customer appliance access and lines 5-15 for normal network operations. Both would be using ACLs to restrict access but the network ops lines would retain the ability to connect to neighbouring devices using SSH.
Does anyone know if this is possible or if there is perhaps an easier way to achieve it?
Thanks in advance!
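One way to lay out the split described in the post, as an added example that is not part of the original post: it assumes Cisco IOS with SSH already enabled. The ACL names, the documentation-range addresses, and port 2222 are constructed placeholders. Each line group gets its own inbound access-class, outbound sessions are disabled on the customer lines, and a rotary port steers NOC sessions onto lines 5-15.

```cisco
! Assumed platform: Cisco IOS. Names, addresses and port are placeholders.
!
! Sources allowed onto the customer-appliance lines (placeholder range)
ip access-list standard VTY-CUSTOMER
 permit 192.0.2.0 0.0.0.255
 deny   any log
!
! Sources allowed onto the NOC lines (placeholder range)
ip access-list standard VTY-NOC
 permit 198.51.100.0 0.0.0.255
 deny   any log
!
! Extra SSH listener mapped to rotary group 1 (placeholder port)
ip ssh port 2222 rotary 1
!
! Lines 0-4: customer appliances, inbound SSH only, no onward sessions
line vty 0 4
 access-class VTY-CUSTOMER in
 transport input ssh
 transport output none
!
! Lines 5-15: NOC, reached via the rotary port, may SSH to neighbours
line vty 5 15
 rotary 1
 access-class VTY-NOC in
 transport input ssh
 transport output ssh
```

NOC stations connect to port 2222 so they are placed on lines 5-15 rather than the first free line; `show line` and the `deny any log` hits confirm which line group a session reached or was refused on.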