cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
800
Views
0
Helpful
1
Replies

I cannot ssh in line vty 0 4 ( access-class xxx in )

chhayhengc
Level 1
Level 1

ip access-list extended BLOCK
 permit tcp host 10.10.10.2 any eq 22
 deny tcp any any eq 22 (work)

But, 
ip access-list extended BLOCK
 permit tcp host 10.10.10.2 host 10.10.10.1 eq 22
 deny tcp any any eq 22 (not work) when i apply vty
 

 

1 Reply 1

When binding the access-list with an access-class to a router/switch-line, then the destination has to be "any". It's not allowed to have a different destination specified (like your "host 10.10.10.1").