[c-nsp] suddenly lost telnet connection in switch

Justin M. Streiner streiner at cluebyfour.org
Fri Dec 12 14:28:27 EST 2008

On Fri, 12 Dec 2008, chloe K wrote:

>  I am doing the following access-list for www to restrict to switch http access
>  but when I apply it in the interface, i suddenly lost telnet connection.
>  Why?
>  Extended IP access list 110
>    permit tcp any eq www
>    permit tcp any eq www
>    permit tcp any eq www
>    deny tcp any eq www any
>    deny tcp any eq www any log

You need to permit telnet connections.  The ACL above only deals with HTTP 
connections.  Also, at the bottom of most packet-filtering ACLs like this, 
there is an implicit "deny any", so if packet doesn't match against any of 
your explicitly defined ACL rules, it will fall to that implicit "deny 
any" and get dropped.


More information about the cisco-nsp mailing list