EIGRP - LOCK & KEY - TEST QUERY

Hi Yes Sanjose1 logs off immediately as per my instructions expect..

Yes this is so I can telnet from host: 192.168.3.2

When you say configuring on 'vty lines' will apply for 'any' telnet connection 'and' will 'stop' admin access - I presume you mean as Ive added a 'specific user'?

Best to remove it and configure it just for the user which will enable you to set an idle timeout, not sure what you mean as on 'sanjose1' I added:

line vty 0 4 autocommand access-enable host timeout 2 - ?

I then tried:

line vty 0 4
username ernie autocommand access-enable host timeout 10 - This command was not accepted if this is what you meant.. ?

Yes I have a host: 10.0.0.11 configured correctly ie:
& Yes Vista could ping Sanjose1 and vice versa prior to 'ACL'
Vista can still ping 192.168.3.1
Sanjose1 can still ping 10.0.0.1

Same issue..!

My instructions state that I should expect the following from host 192.168.3.2:

- Ping 10.0.0.11 - This should fail
- Telnet 192.168.1.2 - logon with configured 'username & password' and logs out immediately - correct
- Ping 10.0.0.11 - This shoul be successful this time - but is NOT?

Without the access list applied on the interface, from host 192.168.3.2 can you ping 10.0.0.11?

Hi Frabbie,  Yes definately...!!!!  There was no other config in place as it is a blank config except specifically for this scenario....!!!  Everything worked when tested as mentioned earlier except for the 2nd ping attempt that was supposed to be successful..  As per config attached on main thread.

Correction on my last comment...all connections are showing as up/up but obviously I cannot ping from host B direct to host A but can ping the 'Eth' interfaces...and vice versa....!

Hi Frabbie, last night I 'erase startup' so now I have a completely empty router.  Ive only added the following:

2500 router Im using which used AUI's as the Ethernet interface and it doesnt allow me to add: duplex full or half and auto not in list either..straight-thru dont work obviously....

Config t
hostname VISTA
int Eth0
ip address 10.0.0.1 255.0.0.0
no shut

Host pc
ip address 10.0.0.11 255.0.0.0
sm: 255.255.255.0
dg: 10.0.0.1

I can ping the router from the host pc
I can ping the router Int Eth
I cannot ping the host pc from the router
Ive removed my x-over cable and plugged in the last new one I have but same thing.....
You've got me confused now isnt that right..?

So what is wrong you think

correction :

host pc
ip: 10.0.0.11
sm: 255.0.0.0
dg: 10.0.0.1

still same issue...........!!!!!!!

Hi my apologies yes you were right I switched 'Firewall off' and I can now ping 'host pc from my router'....

My Host XP pc has no configurations on it and this has never happened before and the only thing I can think has happened is that Ive not only installed SP3 Ive also downloaded all the updates so I think this must be an added update that has downloaded for obvious reasons and it would be the 'Network Admin' to allow this in the 'Exceptions' tab for eg.

All good.

I will now configure the rest and test the lock and key now...............:))

Yes it works perfect.........!!!!!:))))))

One more question....if a user from anywhere in the world set their pc to a specific ip address, subnet mask & dg and new the logon details if any set and within whatever time was set to logon, could they then access this?

Unless an ISP blocks specific addresses just like in some Communist type countries...