I'm having a bit of trouble with extended access-lists for vty access. Basically I'd like to setup an extended access list that only allows ssh access from certain IPs, but after creating the list and applying it to the VTY I lose access. But if I use a standard acl only allowing certain IPs it works fine...
ip access-list extended local_shell permit tcp host 192.168.1.2 host 192.168.1.1 eq 22 vty 0 4 access-class local_shell in transport input ssh Is the standard enough & is the above over-kill? Thanx, mkj Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=72990&t=72990 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]