[nsp] Possible bug in access-class ACLs on Cat3750?
Gert Doering
gert at greenie.muc.de
Thu Nov 20 16:33:20 EST 2003
Hi,
On Thu, Nov 20, 2003 at 02:23:49PM +0100, Lars Erik Gullerud wrote:
> It seems that the ACL is not being checked at all when used in an
> "access-class" statement under "line vty X" - meaning that unless other
> mechanisms are used to prevent access, anyone can reach the switch via
> telnet/ssh(if enabled).
For our 3750G-24TS, the vty ACLs work as expected. Just tested it to be
sure. c3750-i5-mz.121.14-EA1
Standard ACL (#9), with explicit "deny any" at the end. No SSH, though.
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany gert at greenie.muc.de
fax: +49-89-35655025 gert at net.informatik.tu-muenchen.de
More information about the cisco-nsp
mailing list