vty access list
I am aware that access lists have a deny all implicitly applied at the end. I am also aware that if you enable an access list for http access to the switch there is also an implicit deny all at the end. But my question is does this also apply to terminal access list? I would also like to know the proper syntax to apply this list at the line. Is this ok? myrout (config)# access-class 1 permit 1 172.16.1.3 myrout (config)# line vty 0 4 myrout (config-line)# access-class 1 inout My understanding of the "inout" rather than "in" only is to restrict where you can telnet once you are in. By adding the "out" where am I restricting 172.16.1.3 ? Or is it rather that I am allowing 172.16.1.3 to telnet to other device once I am in the line mode? A little confused here. ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: vty access list
After is this ok? The first line should read: myrout (config) # access-list 1 permit 172.16.1.3 My keyboard keys are too close together. ""Daniel Boutet"" [EMAIL PROTECTED] wrote in message 8ojup5$sum$[EMAIL PROTECTED]">news:8ojup5$sum$[EMAIL PROTECTED]... I am aware that access lists have a deny all implicitly applied at the end. I am also aware that if you enable an access list for http access to the switch there is also an implicit deny all at the end. But my question is does this also apply to terminal access list? I would also like to know the proper syntax to apply this list at the line. Is this ok? myrout (config)# access-class 1 permit 1 172.16.1.3 myrout (config)# line vty 0 4 myrout (config-line)# access-class 1 inout My understanding of the "inout" rather than "in" only is to restrict where you can telnet once you are in. By adding the "out" where am I restricting 172.16.1.3 ? Or is it rather that I am allowing 172.16.1.3 to telnet to other device once I am in the line mode? A little confused here. ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: VTY Access List Control
That should do the trick. You would create the access-list in priviledged mode [RouterA(config)#], not in the line mode [RouterA(config-line)#] Remember that this will allow ALL hosts within this subnet and will disallow ALL hosts not in this subnet. RouterA#config tEnter configuration commands, one per line. End with CNTL/Z.RouterA(config)#access-list 12 permit 192.88.54.0 0.0.0.255RouterA(config)#line vty 0 4RouterA(config-line)#access-class 12 inRouterA(config-line)#^ZRouterA#RouterA#sh runBuilding configuration... Current configuration:! (snip) access-list 12 permit 192.88.54.0 0.0.0.255 (snip) line vty 0 4access-class 12 in (snip)! end RouterA# Bob - Original Message - From: m. jean stockton To: [EMAIL PROTECTED] Sent: Sunday, July 16, 2000 2:19 PM Subject: VTY Access List Control I am not sure about the correct commands for vty access control. Is the following command correct to permit any device from network 192.88.54.0 to establish a virtual terminal session with the router? line vty 0 4 access-list 12 permit 192.88.54.0 0.0.0.255 line vty 0 4 access-class 12 in thanks mjs
VTY Access List Control
I am not sure about the correct commands for vty access control. Is the following command correct to permit any device from network 192.88.54.0 to establish a virtual terminal session with the router? line vty 0 4 access-list 12 permit 192.88.54.0 0.0.0.255 line vty 0 4 access-class 12 in thanks mjs