allow ssh only on outside interface, but telnet on inside interface of router

Discussion in 'Cisco' started by no-one, Jul 28, 2004.

  1. no-one

    no-one Guest


    I'm trying to figure out a way to allow telnet and ssh on the inside
    interface, but only ssh on the outside interface for a dual ethernet

    i was hoping i could build and acces class like:

    access-list 159 permit tcp any host eq 22 log-input
    access-list 159 permit tcp any host eq telnet log-input
    access-list 159 deny ip any any log-input is the outside. is the inside.

    this doesn't work though. checking the logs i see that the router uses for itself instead of the real ip address.

    00:44:05: %SEC-6-IPACCESSLOGP: list 159 denied tcp
    ->, 1 packets

    Does anyone know a way to get this to work?

    Thanks in advance
    no-one, Jul 28, 2004
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.