Re: Username X access-class feature broken?

From: Petr Lapukhov (petr@internetworkexpert.com)
Date: Sun Oct 01 2006 - 02:54:54 ART


Basically, this access-class applies to OUTGOING connections (e.g. telnet),
made by the named user.

That is, it's similar to "access-class out" on VTY, only it's user-specific.

2006/10/1, Robert Watson <watson.robert@gmail.com>:
>
> Testing the following scenario
>
> Access-list 101 permit tcp host 131.1.1.5 any eq telnet
>
> When I apply the acl to line vty 0 4
> Works as expected only telnet session from 131.1.1.5 is allowed to login
>
> When I apply the acl to username
>
> username CCIE access-class 101 password 0 TEST
> Anyone and their cute sister can get in via uname CCIE
>
> Am I doing something wrong here? Do you have to enable aaa for the
> access-class feature to work?

-- 
Petr Lapukhov, CCIE #16379
petr@internetworkexpert.com

Internetwork Expert, Inc. http://www.InternetworkExpert.com Toll Free: 877-224-8987 Outside US: 775-826-4344
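
The two placements discussed in this thread, side by side, as an added configuration sketch that is not part of either message. The ACL, username and password are the ones from the quoted post; `login local` and the `in` direction keyword are assumptions about the rest of the tested configuration.

```cisco
! Constructed example built from the values quoted in the thread.
access-list 101 permit tcp host 131.1.1.5 any eq telnet
!
! Placement 1: on the VTY lines, inbound.
! This is the control that limits which hosts may open a
! session to the router, the behaviour the original poster
! saw working ("only telnet session from 131.1.1.5").
line vty 0 4
 access-class 101 in
 login local
!
! Placement 2: on the local user account.
! Per the reply, this governs OUTGOING connections made by
! user CCIE after logging in, like "access-class out" on a
! VTY but scoped to one user. It does not filter who may
! log in as CCIE, so on its own it leaves inbound access
! to the account unrestricted.
username CCIE access-class 101 password 0 TEST
!
! To restrict inbound logins and also constrain what a given
! user can reach from the router, keep both placements:
! the VTY access-class for the inbound source check, the
! username access-class for that user's outgoing sessions.
```

When auditing a device, a `username ... access-class` line with no inbound `access-class` on the VTY lines means remote login is not restricted by source address.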


