configuring access for internal interface only in cisco

I currently have tested a new router which is to be used for IPSec and consequently has a real world adddress on one side of the router - i want to be able to login via telnet from internal IP's but i can also log in via the real world address - what is the easiest way to restrict this access and olny allow internal networks to go via the LAN address?
redmayneAsked:
Who is Participating?
 
lrmooreCommented:
access-list applied to the vty lines
Assume: internal LAN = 192.168.200.0
Assume: real world IP = 23.45.67.8

access-list 6 permit 192.168.200.0 0.0.0.255
access-list 6 permit 23.45.67.8
line vty 0 4
 access-class 6 in

! Done

0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.