Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
823
Views
0
Helpful
1
Replies

I cannot ssh in line vty 0 4 ( access-class xxx in )

chhayhengc
Level 1
Level 1

‎08-26-2014 07:26 AM

ip access-list extended BLOCK
 permit tcp host 10.10.10.2 any eq 22
 deny tcp any any eq 22 (work)

But, 
ip access-list extended BLOCK
 permit tcp host 10.10.10.2 host 10.10.10.1 eq 22
 deny tcp any any eq 22 (not work) when i apply vty
 

 

Labels:
0 Helpful
1 Reply 1

Karsten Iwen
VIP
VIP

‎08-26-2014 09:01 AM

When binding the access-list with an access-class to a router/switch-line, then the destination has to be "any". It's not allowed to have a different destination specified (like your "host 10.10.10.1").

0 Helpful
Customers Also Viewed These Support Documents