From: Imal kalutotage (imal.kalutotage@gmail.com)
Date: Fri Sep 16 2005 - 08:56:48 GMT-3
Hi god
When I remove the list it allows me to telnet..
This is very strange & this is not the 1st time I faced this issue..
Cheers
Imal
On 9/16/05, Godswill Oletu <oletu@inbox.lv> wrote:
>
> When you remove the "access-class 111 in" command can you telnet into the
> router using the loopback interface ip address?
>
>
> ----- Original Message -----
> From: "Imal kalutotage" <imal.kalutotage@gmail.com>
> To: "Cisco certification" <ccielab@groupstudy.com>
> Sent: Friday, September 16, 2005 7:23 AM
> Subject: Telnet access into loopback
>
>
> > Hi Group
> > Here is the task
> > Only allow telnet access in to the loop back 0 of the router..
> > It seems very simple but does not work for me.
> > I donot know whether this is bug or Am I mising something here.
> > Also command ref says access-class work normly with standard
> access-lists
> > Ok but with standard access lists we cannot match the our loopback ip,
> > becasuse it is the destination ip of the incomung telnet session.
> > One option is to apply the access group in the incoming serial
> interface.
> > this is my config & when u do this it is not allowing telnet to any
> > interface.
> > int loop0
> > ip add 1.1.5.5 <http://1.1.5.5> <http://1.1.5.5>
255.255.255.255<http://255.255.255.255><
> http://255.255.255.255>
> > access-list 111 permit ip any host 1.1.5.5 <http://1.1.5.5> <
> http://1.1.5.5>
> > line vty 0 4
> > access-class 111 in
> > privilege level 15
> > password cisco
> > login
> >
> > _______________________________________________________________________
> > Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html
This archive was generated by hypermail 2.1.4 : Sun Oct 02 2005 - 14:40:15 GMT-3