Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1192
Views
5
Helpful
6
Replies

What is quiet-mode access-class ?

Go to solution
M.Sultan
Spotlight
Spotlight

‎01-13-2024 02:10 PM

What is quiet-mode access-class ? how it works ?

Labels:
1 Accepted Solution

Accepted Solutions

Go to solution
Marius Gunnerud
VIP
VIP
In response to M.Sultan

‎01-14-2024 09:33 AM

I should have been more clear in my last post I see.  Quiet mode blocks all SSH and telnet connections to the device for the defined period of time.  This will be noted as quiet-mode in syslog when activated and only connections from the provided quiet-mode ACL will be permitted during this time.

The following configuration will block all SSH and Telnet connections to the device for 3 minutes (180 seconds) if there are 5 failed login attempts within 1 minute (60 seconds), but will still allow connections from host 10.10.10.110.

access-list 5 permit host 10.10.10.110

login block-for 180 attempts 5 within 60
login quiet-mode access-class 5

--
Please remember to select a correct answer and rate helpful posts

View solution in original post

6 Replies 6

Go to solution
MHM Cisco World
VIP
VIP

‎01-13-2024 02:15 PM - edited ‎01-14-2024 03:58 AM

Cisco Quiet Mode | CCIE or Null! (ccie-or-null.net)

check this 
the Quite Mode is mode in which the SW/R not accept any more login attempt for specific host or all within specific time
""""the failed attempt count within the time we specify and ACL will allow the host (config in ACL) that failed or not try to access even if the mode is quite-mode""""
MHM

Go to solution
Marius Gunnerud
VIP
VIP

‎01-14-2024 12:08 AM

Quiet-mode is a setting you can implement which denies all connection to the device other than console access.  The quiet-mode access-list are those IPs that are still permitted to access the device during the quiet-mode duration.

--
Please remember to select a correct answer and rate helpful posts

Go to solution
M.Sultan
Spotlight
Spotlight
In response to Marius Gunnerud

‎01-14-2024 03:10 AM

Thanks- can you clear it with one simple example to understand it easily. ?

0 Helpful

Go to solution
Marius Gunnerud
VIP
VIP
In response to M.Sultan

‎01-14-2024 09:33 AM

I should have been more clear in my last post I see.  Quiet mode blocks all SSH and telnet connections to the device for the defined period of time.  This will be noted as quiet-mode in syslog when activated and only connections from the provided quiet-mode ACL will be permitted during this time.

The following configuration will block all SSH and Telnet connections to the device for 3 minutes (180 seconds) if there are 5 failed login attempts within 1 minute (60 seconds), but will still allow connections from host 10.10.10.110.

access-list 5 permit host 10.10.10.110

login block-for 180 attempts 5 within 60
login quiet-mode access-class 5

--
Please remember to select a correct answer and rate helpful posts

Go to solution
M.Sultan
Spotlight
Spotlight
In response to Marius Gunnerud

‎01-18-2024 08:00 AM

That's the solutions thanks friend-i practice its the same what you said.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card