Configure and apply an acl to limit telnet and SSH access to the router

dmwdmw Member Posts: 81 ■■□□□□□□□□
This should be an easy one.

I understand how to create the acl and apply the acl using access-class on the vty lines.

Does putting it on the vty lines take care of ssh as well?
Rebooting computers since 1999


  • hiddenknight821hiddenknight821 Member Posts: 1,209 ■■■■■■□□□□
    I believe it applies to any vty lines you specify when you enter the "line vty" command from global configuration mode. Although, I haven't test this, but logically this would make sense. I don't see why else it wouldn't work for SSH.
  • luisYmeluisYme Member Posts: 23 ■□□□□□□□□□
    usually a standard acl is applied to limit the source IP addresses that can access the switch/router. you can't specify the transport protocol (udp/tcp) or a port number with a standard acl. so, you then have to state whether or not ssh is enabled under the line vty configuration. note, you'll need one of the K9 IOS images that support ssh in the first place.

    good luck!
Sign In or Register to comment.