[c-nsp] Filtering telnet without ACL
Lincoln Dale
ltd at cisco.com
Mon Aug 11 06:30:16 EDT 2008
Saku Ytti wrote:
> Although question was protocol specific which makes
> it hard to satisfy without ACLs. You could imagine
> that the box may be offering NTP, DNS or TFTP to the
> network which should continue to work.
>
>
you could potentially do it using CoPP policy with a CoPP policy for the
address(es) you wish, 0bps configured for other rates.
if its just telnet, then certainly an access-class on the vty would work
too, albeit that would be s/w enforced not h/w enforced.
cheers,
lincoln.
More information about the cisco-nsp
mailing list