Re: Dening telnet access [7:35628]

essage - From: "Roberts, Larry" To: Sent: Monday, February 18, 2002 9:00 PM Subject: RE: Dening telnet access [7:35628] > And for reference: > http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fipr > as_r/1rfip1.htm#xtocid1 > > Note that your so

Re: Dening telnet access [7:35628]

> Thanks > > Larry > > -Original Message- > From: MADMAN [mailto:[EMAIL PROTECTED]] > Sent: Monday, February 18, 2002 4:42 PM > To: Roberts, Larry > Cc: [EMAIL PROTECTED] > Subject: Re: Dening telnet access [7:35628] > > > >Heres the proof

RE: Dening telnet access [7:35628]

, not always the right way. Thanks Larry -Original Message- From: MADMAN [mailto:[EMAIL PROTECTED]] Sent: Monday, February 18, 2002 4:42 PM To: Roberts, Larry Cc: [EMAIL PROTECTED] Subject: Re: Dening telnet access [7:35628] Heres the proof: interface FastEthernet0/0 ip ad

Re: Dening telnet access [7:35628]

day, February 18, 2002 4:42 PM > To: Roberts, Larry > Cc: [EMAIL PROTECTED] > Subject: Re: Dening telnet access [7:35628] > >Heres the proof: > > interface FastEthernet0/0 > ip address 172.28.64.28 255.255.255.192 > ip access-group 150 in > ip directed-broadcast &g

Re: Dening telnet access [7:35628]

on the 172.28.64.11 subnet and show me this getting > dropped. > > Thanks > > Larry > > -Original Message- > From: MADMAN [mailto:[EMAIL PROTECTED]] > Sent: Monday, February 18, 2002 3:21 PM > To: Roberts, Larry > Cc: [EMAIL PROTECTED] > Subject: Re: Deni

Re: Dening telnet access [7:35628]

rnet ) > > > > If you were to telnet directly to the interface that the access-list was > > applied to you WOULD get in. Only an access-class applied > > To the VTY ports will stop that. > > > > Thanks > > > > Larry > > > > -Original Mes

Re: Dening telnet access [7:35628]

nly an access-class applied > > > To the VTY ports will stop that. > > > > > > Thanks > > > > > > Larry > > > > > > -Original Message- > > > From: MADMAN [mailto:[EMAIL PROTECTED]] > > > Sent: Monday, Feb

RE: Dening telnet access [7:35628]

172.28.64.11 subnet and show me this getting dropped. Thanks Larry -Original Message- From: MADMAN [mailto:[EMAIL PROTECTED]] Sent: Monday, February 18, 2002 3:21 PM To: Roberts, Larry Cc: [EMAIL PROTECTED] Subject: Re: Dening telnet access [7:35628] Not in my world: interface

Re: Dening telnet access [7:35628]

t; by > > > access-lists. (i don't understand why not, but hey...) > > > > > > instead do this > > > > > > access-list y deny xx.xx.xx.xx xx.xx.xx.xx > > > > > > line vty 0 n (n = the results of a ?, usually 4) access-class y > &g

RE: Dening telnet access [7:35628]

ly an access-class applied To the VTY ports will stop that. Thanks Larry -Original Message- From: MADMAN [mailto:[EMAIL PROTECTED]] Sent: Monday, February 18, 2002 1:05 PM To: [EMAIL PROTECTED] Subject: Re: Dening telnet access [7:35628] I know it does. I have, even fairly recently, l

Re: Dening telnet access [7:35628]

t the access-list was > > applied to you WOULD get in. Only an access-class applied > > To the VTY ports will stop that. > > > > Thanks > > > > Larry > > > > -Original Message- > > From: MADMAN [mailto:[EMAIL PROTECTED]] > > Sent: Mond

Re: Dening telnet access [7:35628]

IL PROTECTED]] > Sent: Monday, February 18, 2002 1:05 PM > To: [EMAIL PROTECTED] > Subject: Re: Dening telnet access [7:35628] > > I know it does. I have, even fairly recently, locked myself out of a > router via an inbound access list applied to an interface,DOH:( Try > agai

Re: Dening telnet access [7:35628]

; Thanks > > Larry > > -Original Message- > From: MADMAN [mailto:[EMAIL PROTECTED]] > Sent: Monday, February 18, 2002 1:05 PM > To: [EMAIL PROTECTED] > Subject: Re: Dening telnet access [7:35628] > > I know it does. I have, even fairly recently, locked myself out

Re: Dening telnet access [7:35628]

Not true, that is a way not the way. Dave Tim Booth wrote: > > To filter telnet packets to the router it is necessary to apply access > lists to the vty lines with the access-class command. > > Kind Regards, > Tim Booth > MCDBA, CCNP, CCDP, CCIE written >

RE: Dening telnet access [7:35628]

-list was applied to you WOULD get in. Only an access-class applied To the VTY ports will stop that. Thanks Larry -Original Message- From: MADMAN [mailto:[EMAIL PROTECTED]] Sent: Monday, February 18, 2002 1:05 PM To: [EMAIL PROTECTED] Subject: Re: Dening telnet access [7:35628] I know it

RE: Dening telnet access [7:35628]

and a loopback ip.) I am assuming that this is a "feature" that Cisco fixed sometime in the last 1.5 year. -Original Message- From: MADMAN [mailto:[EMAIL PROTECTED]] Sent: Monday, February 18, 2002 1:05 PM To: [EMAIL PROTECTED] Subject: Re: Dening telnet access [7:35628] I know i

RE: Dening telnet access [7:35628]

To filter telnet packets to the router it is necessary to apply access lists to the vty lines with the access-class command. Kind Regards, Tim Booth MCDBA, CCNP, CCDP, CCIE written - Those who would give up essential liberty to purchase a little temporary s

Re: Dening telnet access [7:35628]

> > -Original Message- > > From: McHugh Randy [mailto:[EMAIL PROTECTED]] > > Sent: Saturday, February 16, 2002 4:49 PM > > To: [EMAIL PROTECTED] > > Subject: Dening telnet access [7:35628] > > > > Access list problem: > > > > Why does th

Re: Dening telnet access [7:35628]

access-list y deny xx.xx.xx.xx xx.xx.xx.xx > > line vty 0 n (n = the results of a ?, usually 4) > access-class y > > -Original Message- > From: McHugh Randy [mailto:[EMAIL PROTECTED]] > Sent: Saturday, February 16, 2002 4:49 PM > To: [EMAIL PROTECTED] > Subject:

Re: Dening telnet access [7:35628]

aturday, February 16, 2002 4:49 PM > To: [EMAIL PROTECTED] > Subject: Dening telnet access [7:35628] > > Access list problem: > > Why does this extended access list not work to deny telnet access applied to > the internet interface on a 2514? > > Extended IP access list 1

RE: Dening telnet access [7:35628]

From: McHugh Randy [mailto:[EMAIL PROTECTED]] Sent: Saturday, February 16, 2002 4:49 PM To: [EMAIL PROTECTED] Subject: Dening telnet access [7:35628] Access list problem: Why does this extended access list not work to deny telnet access applied to the internet interface on a 2514? Extended IP access

Re: Dening telnet access [7:35628]

if your internet connection is via ether0, this would work, but if it is via serial, you want it inbound on the net connected serial int. Brian On Sat, 16 Feb 2002, McHugh Randy wrote: > Access list problem: > > Why does this extended access list not work to deny telnet access applied t

RE: Dening telnet access [7:35628]

- From: McHugh Randy [mailto:[EMAIL PROTECTED]] Sent: Saturday, February 16, 2002 4:49 PM To: [EMAIL PROTECTED] Subject: Dening telnet access [7:35628] Access list problem: Why does this extended access list not work to deny telnet access applied to the internet interface on a 2514? Extended

RE: Dening telnet access [7:35628]

Not sure of your network topology but it looks as if all you have done is to prevent users on the ethernet interface from using telnet. You can apply an 'access-class' (which works identically to access-group on a physical interface) to your vty lines to restrict telnet access from outside into y

Dening telnet access [7:35628]

Access list problem: Why does this extended access list not work to deny telnet access applied to the internet interface on a 2514? Extended IP access list 199 deny tcp any any eq telnet interface Ethernet0 ip access-group 199 in I have alot more statments than this and of course the statemen