OK, I'm confused on something very simple. In the past, when setting up a router, I've done an access-list allowing (example) SSH and SNMP. Then I've applied said access list to the VTYs. Transport input I've always set to "none" as I haven't cared because I have a VTY controlling what comes in. But it appears I was misunderstanding some things.
If I set my transport input to SSH, it restricts the VTY access to just SSH. Then, I can use an ACL to allow only certain subnets blah blah blah. So how am I controlling SNMP? I understand that I can build an SNMP specific ACL and apply it to snmp server group. Is that it? Meaning, is an ACL applied to a VTY only going to control source and destination (and ports possibly) over which whatever transport you applied is allowed? So other services aren't really hitting the VTY in that sense? -Hammer- "I was a normal American nerd." -Jack Herer _______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
