Access list

princely jonesprincely jones Member Posts: 5 ■□□□□□□□□□
in CCNA & CCENT
This is my fist time posting here, and I feel my question can help others. So I have a practical where I need to allow only host on my ADMIN VLAN to SSH to my router. How do I configure this?
· Share on FacebookShare on Twitter

Comments

  • dontstopdontstop Member Posts: 579 ■■■■□□□□□□
    Sounds like you need an ACL something like this:
    access-list 1 permit host <ip address>

    Then configure the ACL on the VTY line and disable Telnet (if it only wants SSH access)
    line vty 0 4
transport input ssh
access-class 1 in
    · Share on FacebookShare on Twitter
  • Danielh22185Danielh22185 Member Posts: 1,195 ■■■■□□□□□□
    The above ^^ will work for a single host to allow connectivity. If you want to permit all hosts on your admin vlan subnet you will need to specify the source subnet you need to permit access for.

    Example:
    access-list 1 permit 10.0.0.0 0.0.0.255

    ^^^ This would permit the subnet 10.0.0.0/24 access to the device.

    Or you can make multiple entries individually as well...
    Currently Studying: IE Stuff...kinda...for now...
    My ultimate career goal: To climb to the top of the computer network industry food chain.
    "Winning means you're willing to go longer, work harder, and give more than anyone else." - Vince Lombardi
    · Share on FacebookShare on Twitter
  • dontstopdontstop Member Posts: 579 ■■■■□□□□□□
    Danielh22185 wrote: »
    The above ^^ will work for a single host to allow connectivity.

    Danielh you're spot on. I miss read the original question "I need to allow only host on my ADMIN VLAN" as being a single host, I assume he means "only hosts". Good spotting :)
    · Share on FacebookShare on Twitter
  • princely jonesprincely jones Member Posts: 5 ■□□□□□□□□□
    Thanks guys for the help. It worked.
    · Share on FacebookShare on Twitter
Sign In or Register to comment.