04-15-2011 10:47 PM
Hi,
I'm not familary with cisco switches and maybe someone can help? How can I disable telnet?
Googled and find info about access-list, but it's not working for me. Maybe, I was misstaken with this command.
With this access list I can make telnet from anywhere
Output from config:
-----------------------------------------------------------
no ip http server
access-list 110 deny tcp any any eq telnet
access-list 111 deny tcp any host x.x.x.x eq telnet
access-list 111 permit ip any any
snmp-server engineID local
snmp-server community xxxx RO
!
line con 0
exec-timeout 0 0
transport input none
stopbits 1
line vty 0 4
access-class 111 in
password *******
login local
transport input none
line vty 5 15
access-class 111 in
password *******
login
!
end
Solved! Go to Solution.
04-16-2011 10:52 AM
Hi,
That is right. You will be access the switch from anywhere because of the ACE "access-list 111 permit ip any any" .
Please remove the Access-list 111
i.e.
line vty 0 15
no access-list 111 in
Also try the following
line vty 0 15
no transport input none
Let me know the results.
Hope this helps.
Regards,
Anisha
P.S.: please mark this post as answered if you feel your query is resolved. Do rate helpful posts.
04-16-2011 12:27 AM
line vty 0 15
transport input ssh
This will allow ssh.
04-16-2011 10:52 AM
Hi,
That is right. You will be access the switch from anywhere because of the ACE "access-list 111 permit ip any any" .
Please remove the Access-list 111
i.e.
line vty 0 15
no access-list 111 in
Also try the following
line vty 0 15
no transport input none
Let me know the results.
Hope this helps.
Regards,
Anisha
P.S.: please mark this post as answered if you feel your query is resolved. Do rate helpful posts.
04-17-2011 03:28 AM
Thanks! Thats worked.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide