From: Looking to be CCIE (ccie@nc.rr.com)
Date: Fri May 27 2005 - 09:53:55 GMT-3
Feeling stupid... I was trying to put an access list on the VTY ports to
limit telnet to a specific host, but could not get it to work with a simple
one-line list. Am I missing something here? Just a serial connection
between the routers. Config below. I checked telnet before applying the
access-list and it would work fine. After applying the list I would just get a
connection refused message.
Note: If I put a three-line list on, it would work:
(access-list 100 permit tcp host 10.2.1.2 eq telnet any
access-list 100 deny tcp any eq telnet any
access-list 100 permit ip any any)
r7# (Router that has access list)
interface Serial0/1
 ip address 10.2.1.1 255.255.255.0
!
!
access-list 100 permit tcp host 10.2.1.2 eq telnet any
!
mgcp profile default
!
dial-peer cor custom
!
!
!
!
line con 0
line aux 0
line vty 0 4
 access-class 100 in
 password cisco
 login
!
!
end
# (Router that I am accessing first router from)
interface Serial0/1
 ip address 10.2.1.2 255.255.255.0
 clockrate 64000
!
!
ip classless
!!
line con 0
line aux 0
line vty 0 4
!
!
end
Router#
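
Added example, not part of the original post: a small evaluator for the two lists quoted above under standard extended-ACL semantics (first match wins, implicit deny at the end, a port placed right after the source address is a source port). The client source port 11002, the second host 10.2.1.3 and the DST_PORT variant are constructed for illustration.

```python
import ipaddress

PORTS = {"telnet": 23}

def _addr(tok):  # 'any' or 'host A.B.C.D' -> (network, remaining tokens)
    if tok[0] == "any":
        return ipaddress.ip_network("0.0.0.0/0"), tok[1:]
    if tok[0] == "host":
        return ipaddress.ip_network(tok[1] + "/32"), tok[2:]
    raise ValueError("unsupported address spec: " + tok[0])

def _port(tok):  # optional 'eq PORT' -> (port or None, remaining tokens)
    if tok[:1] == ["eq"]:
        return PORTS.get(tok[1]) or int(tok[1]), tok[2:]
    return None, tok

def parse(line):  # access-list N {permit|deny} PROTO SRC [eq SPORT] DST [eq DPORT]
    tok = line.split()
    src, rest = _addr(tok[4:])
    sport, rest = _port(rest)
    dst, rest = _addr(rest)
    dport, _ = _port(rest)
    return tok[2], tok[3], src, sport, dst, dport

def evaluate(acl, proto, src, sport, dst, dport):
    """First matching entry wins; no match falls through to the implicit deny."""
    for action, p, s, sp, d, dp in map(parse, acl):
        if p not in ("ip", proto):
            continue
        if ipaddress.ip_address(src) not in s or ipaddress.ip_address(dst) not in d:
            continue
        if (sp is not None and sp != sport) or (dp is not None and dp != dport):
            continue
        return action
    return "deny"

ONE_LINE = ["access-list 100 permit tcp host 10.2.1.2 eq telnet any"]
THREE_LINE = ONE_LINE + ["access-list 100 deny tcp any eq telnet any",
                         "access-list 100 permit ip any any"]
# Constructed variant (not from the post): port qualifier on the destination side.
DST_PORT = ["access-list 100 permit tcp host 10.2.1.2 any eq telnet"]

def telnet_from(src, sport=11002):
    # Constructed packet to r7's VTY; ephemeral source port 11002 is assumed.
    return ("tcp", src, sport, "10.2.1.1", 23)

if __name__ == "__main__":
    for name, acl in [("one-line", ONE_LINE), ("three-line", THREE_LINE), ("dst-port", DST_PORT)]:
        print(name, [evaluate(acl, *telnet_from(h)) for h in ("10.2.1.2", "10.2.1.3")])
```

Under this model the one-line list denies the session because a telnet client's source port is not 23, while the three-line list admits it only through the final permit ip any any, which also admits every other host.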