From: Les Hardin (hardinl@xxxxxxx)
Date: Sat Feb 17 2001 - 23:06:54 GMT-3
Perry,
Personally, I would simplify the below config to remove the timeout on the
vty. I would also use login local and get rid of the pass cisco under the
vty. Like so:
username zql password 0 liming
!
access-list 168 permit tcp any host 132.3.3.3 eq telnet
access-list 168 permit ospf any any
access-list 168 permit tcp any eq bgp any <---not sure why you need this
if you have it covered in next line?
access-list 168 permit tcp any any eq bgp
access-list 168 permit tcp any eq 2065 any
access-list 168 permit tcp any any eq 2065
access-list 168 dynamic testlist timeout 15 permit ip any any
!
line vty 0 4
login local
autocommand access-enable
int ser0
ip access-group 168 in
The user would login using zql with password liming
my $0.02
Les
At 10:16 AM 2/12/2001 +0800, zhuqingliu wrote:
>Hi, all
>
> The lock&key access-list idle timeout doesn't take effectivly.
>===========================================
>username zql password 0 liming
>!
>access-list 168 permit tcp any host 132.3.3.3 eq telnet
>access-list 168 permit ospf any any
>access-list 168 permit tcp any eq bgp any
>access-list 168 permit tcp any any eq bgp
>access-list 168 permit tcp any eq 2065 any
>access-list 168 permit tcp any any eq 2065
>access-list 168 dynamic testlist timeout 15 permit ip any any
>!
>line vty 0 4
> password cisco
> autocommand access-enable host timeout 3
>===========================================
>The dynamic access list will timeout within 3 minutes.
>
>IOS version is: 12.0(14)
>
>
>
>Best regards
>Perry.Zhu
>
>
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:28:52 GMT-3