I need to block a single port on my wan side fa0/1 .. my telnet port 23 as it is open and im not going to use it and want to close it ?
This example shows how to allow telnet from an internal network, ssh from any but deny anyone else while logging all activity
ip access-list extended TerminalAccess
permit tcp host 10.0.0.2 any eq telnet log
permit tcp any any eq 22 log
deny tcp any any log
line vty 0 4
access-class TerminalAccess in
You could also use the line "transport input none"
The best option is to have some secure means to remotely manage the device.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: