[c-nsp] Filtering telnet without ACL
J. Oquendo
sil at infiltrated.net
Fri Aug 1 09:19:49 EDT 2008
On Fri, 01 Aug 2008, Joost greene wrote:
> Hello,
>
> Someone challenged me with a question on how I can filter telnet access to
> one router from all hosts except two of them WITHOUT using access-lists or
> access-line under the VTY? any ideas?
>
> Regards,
> Joost
Route map...
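! Local policy routing only applies to packets the router itself generates,
! so match the telnet server's replies (source port 23). The entry must be a
! permit: an ACL deny leaves the packet un-policy-routed.
ip access-list extended NO_TELNET
 permit tcp any eq 23 any
!
route-map BLOCK_TELNET permit 10
 match ip address NO_TELNET
 set interface Null0
!
ip local policy route-map BLOCK_TELNET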
--
=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
J. Oquendo
SGFA #579 (FW+VPN v4.1) SGFE #574 (FW+VPN v4.1)
CEH/CNDA, CHFI
"Experience hath shewn, that even under the best
forms (of government) those entrusted with power
have, in time, and by slow operations, perverted
it into tyranny." Thomas Jefferson
wget -qO - www.infiltrated.net/sig|perl
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x3AC173DB
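
The following is an added example, not part of the original post: one way to extend the local policy route-map so that two hosts keep telnet access, as the question asked. It relies on two IOS behaviours: local policy routing applies only to packets the router generates (here the telnet replies, source port 23), and an ACL deny entry exempts traffic from policy routing. The host addresses 192.0.2.10 and 192.0.2.11 are placeholder assumptions.

```cisco
! Added example; 192.0.2.10 and 192.0.2.11 are placeholder (assumed)
! addresses for the two hosts that keep telnet access.
ip access-list extended NO_TELNET
 ! deny = do not policy-route: replies to the two permitted hosts are
 ! forwarded normally
 deny   tcp any eq 23 host 192.0.2.10
 deny   tcp any eq 23 host 192.0.2.11
 ! permit = policy-route: telnet replies to every other host are matched
 permit tcp any eq 23 any
!
route-map BLOCK_TELNET permit 10
 match ip address NO_TELNET
 ! matched replies are sent to the null interface and discarded
 set interface Null0
!
! apply the route-map to packets generated by the router itself
ip local policy route-map BLOCK_TELNET
!
! Verify from exec mode:
!   show ip local policy
!   show route-map BLOCK_TELNET
```

Only the router's replies are discarded; inbound SYNs to port 23 still reach the control plane, so this does not replace an access-class on the VTY lines or control-plane policing where those are allowed.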