I assume you're trying from console, is the acl applied to your line vty's? If so, try to telnet in from another device and then telnet out.
-ryan
-----Original Message-----
From: nobody_at_groupstudy.com [mailto:nobody_at_groupstudy.com] On Behalf Of Modular
Sent: Saturday, April 18, 2009 9:42 PM
To: Cisco certification
Subject: access-class out to prevent telnet
Has anyone here had success with preventing outbound telnet from a router
using access-class out?
According to this doc you should use a standard ACL and what would normally
be considered the
source would actually be the destination:
http://www.cisco.com/en/US/docs/ios/security/configuration/guide/sec_cntrl_acc_vtl.html
I tried this and no dice. I tried using an extended ACL:
access-list 101 deny ip any any
and no dice.
No matter what I try... I can't seem to prevent outbound telnet from a
router using
access-class out.
Thanks,
Bryan R.
Blogs and organic groups at http://www.ccie.net
Received on Sun Apr 19 2009 - 00:47:19 ART
This archive was generated by hypermail 2.2.0 : Mon May 04 2009 - 07:39:12 ART