Re: Allowing SSH only from trusted subnets

Discussion in 'Cisco' started by jrguent@gmail.com, Jul 22, 2009.

  1. Guest

    On Jul 22, 2:04 pm, Lovejoy <> wrote:
    > I need to set up some extended ACL's to only allow SSH from trusted
    > subnets.  This is what I have come up with so far :
    >
    > ip access-list extended allowSSH
    > access-list 100 allow ip x.x.210.0 0.0.1.255 any log
    > access-list 105 allow ip x.x.144.0 0.0.1.255 any log
    > access-list 110 allow ip x.x.44.0 0.0.1.255 any log
    > access-list 115 allow ip x.x.224.0 0.0.1.255 any log
    > access-list 120 deny ip any any log
    > exit
    >
    > line vty 0 4
    > access-class allowSSH in
    > transport input ssh
    > exec-timeout 9 0
    >
    > In general, is this a correct way to go about it.  There are many more
    > subnets that are to be denied SSH access, so I went the allow route.
    > Suggestions, comments?
    >
    > Thanks
    > Lovejoy
    >
    > --
    > ===========================================================
    > This space for lease....


    Agreed 'allow route' is better.

    http://www.cisco.com/en/US/docs/ios/12_2/ipaddr/command/reference/1rfip1.html#wp1017389
    I think you may be able to accomplish with a standard access control
    list when used in conjunction with access-class command

    Regards
     
    , Jul 22, 2009
    #1
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. =?Utf-8?B?cGhpbA==?=

    allowing only certain computers acces to the wirless network

    =?Utf-8?B?cGhpbA==?=, Dec 29, 2005, in forum: Wireless Networking
    Replies:
    2
    Views:
    700
    =?Utf-8?B?TWFyayBXaWxzb24=?=
    Dec 29, 2005
  2. Brian Bergin
    Replies:
    3
    Views:
    899
    Brian Bergin
    Sep 11, 2004
  3. Paul
    Replies:
    1
    Views:
    3,643
    Walter Roberson
    Dec 6, 2004
  4. John Mason Jr
    Replies:
    0
    Views:
    492
    John Mason Jr
    Jan 24, 2006
  5. Replies:
    4
    Views:
    1,464
    Trendkill
    Aug 29, 2008
Loading...

Share This Page