[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 227
  • Last Modified:

configuring access for internal interface only in cisco

I currently have tested a new router which is to be used for IPSec and consequently has a real world adddress on one side of the router - i want to be able to login via telnet from internal IP's but i can also log in via the real world address - what is the easiest way to restrict this access and olny allow internal networks to go via the LAN address?
0
redmayne
Asked:
redmayne
1 Solution
 
lrmooreCommented:
access-list applied to the vty lines
Assume: internal LAN = 192.168.200.0
Assume: real world IP = 23.45.67.8

access-list 6 permit 192.168.200.0 0.0.0.255
access-list 6 permit 23.45.67.8
line vty 0 4
 access-class 6 in

! Done

0

Featured Post

Get your Disaster Recovery as a Service basics

Disaster Recovery as a Service is one go-to solution that revolutionizes DR planning. Implementing DRaaS could be an efficient process, easily accessible to non-DR experts. Learn about monitoring, testing, executing failovers and failbacks to ensure a "healthy" DR environment.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now