Extreme - Telnet Access List

I'm looking to create an an access list to lock down telnet access to my Summit48i.

What's confusing me though, is because it is in layer 3 mode, there are a number of different IP addresses which I change often.

Is there a way of locking down ALL telnet traffic to, say, 192.168.0/24 for ALL ports on the switch, but not affecting traffic which is simply being routed through it?
Who is Participating?
Gen2003Connect With a Mentor Commented:
Sorry, for long delay. Try to find information you need in manual for summit. If you don't have it - download from

What you need is to create access list that will allow only your computer to telnet to device:

(action) (protocol) (source ip address) (source port) (destination ip address) (destination port)

permit tcp X.X.X.X any Y.Y.Y.Y 23
deny tcp any Y.Y.Y.Y 23

where X.X.X.X is your computer's IP, Y.Y.Y.Y - is address of Summit

these are not exact syntax, check with manual.

Regarding lost password, again check manual or contact extremenetworks. As nobody here will teach you how to hack systems.


What box do you have? Cisco? If so try to assign following ACL to interface you are expect attack:

access-list 120 deny tcp any eq 23
access-list 120 permit ip any any

So it will block any telnet traffic from anywhere to any machine on 192.168.0.X network but will allow everything else.

jezzarAuthor Commented:
It's an Extreme Switch
If it is Layer 2 switch then it is impossible to block traffic on tcp port- based criteria. If it is a Layer 3 switch (router) - check manual for how to apply ACL on it. What exact model ?
jezzarAuthor Commented:
It's layer three. 48si.

On a suddenly more important note, erm... any idea what to do if you forget the admin password?

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.