Solved: Creating ACL to block SSH in WLC - Cisco Community

1735

Views

0

Helpful

1

Replies

Hi everyone,

For some reason i want that clients with ip 192.168.2.0 should not ssh to any ip address.

Rest of traffic can pass the WLC no issues.

To make the this ACL i can configure ACL like below

source 192.168.2.0 source port any destination any port 22

direction inbound.

After this i can add the ACL source any port any destination any port any?

Will above ACL block ssh connections coming from user PC and all everything else?

Regards

Mahesh

1 Accepted Solution

Accepted Solutions

Hi Mahesh,

Yes you can block ssh access from one PC.

Here is the example:

1 deny 192.168.2.0/32 WLC_IP/32 tcp any 22 any any

2 permit 0.0.0.0/0 0.0.0.0/0 any any any any any

see the screenshot:

Regards

Don't forget to rate helpful posts

View solution in original post

1 Reply 1

Hi Mahesh,

Yes you can block ssh access from one PC.

Here is the example:

1 deny 192.168.2.0/32 WLC_IP/32 tcp any 22 any any

2 permit 0.0.0.0/0 0.0.0.0/0 any any any any any

see the screenshot:

Regards

Don't forget to rate helpful posts

Learn, share, save

Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.

New here? Get started with these tips. How to use Community New member guide

Log in to Community

Review Cisco Networking for a $25 gift card