restricting access to vty
NewTecher
Registered Users Posts: 4 ■□□□□□□□□□
in CCNA & CCENT
Hi,
When we are doing restrictions to vty, which ACL do we use? Named or standard, or we can use all? even extended?
When we are doing restrictions to vty, which ACL do we use? Named or standard, or we can use all? even extended?
Comments
-
shodown Member Posts: 2,271What kinda restrictions. Restricting by acl will only allow a certain subnet or block a subnet.
Do you want only certain people to have access? Or do you want people to only have access from certain locations?Currently Reading
CUCM SRND 9x/10, UCCX SRND 10x, QOS SRND, SIP Trunking Guide, anything contact center related -
hiddenknight821 Member Posts: 1,209 ■■■■■■□□□□Hi,
When we are doing restrictions to vty, which ACL do we use? Named or standard, or we can use all? even extended?
I believe you can use all kind, but the extended ACL would be more ideal for a high security environment. In the vty configuration mode, you would have to use "access-class" command there rather than using the "ip access-group" command that you would normally use in Interface configuration mode. -
Zartanasaurus Member Posts: 2,008 ■■■■■■■■■□Extended ACL gives you the ability to specify what protocol(s) to filter IE ssh v telnet. Of course, you have telnet turned off already, but you can be very granular and have the ACL only allow ssh connections.Currently reading:
IPSec VPN Design 44%
Mastering VMWare vSphere 5 42.8%