[c-nsp] Filtering telnet without ACL
Peter Rathlev
peter at rathlev.dk
Fri Aug 1 09:56:16 EDT 2008
On Fri, 2008-08-01 at 15:14 +0200, Joost greene wrote:
> Someone challenged me with a question on how i can filter telnet access
> to one router from all hosts except two of them WITHOUT using
> access-lists or access-line under the VTY? any ideas?
Control-plane policing could do it without interface ACLs or VTY
access-classes, but it'd be a little hard to realise without
access-lists at all. You could also disable telnet by not including it
in the "transport input ..." configuration under line VTY. Like using
just "transport input ssh" or something. This would disable telnet, but
not SSH.
Regards,
Peter
More information about the cisco-nsp
mailing list