YES!!!!! At 03:56 AM 7/25/2003 +0000, Puckette, Larry (TIFPC) wrote: >Is anybody else receiving multiple emails from [EMAIL PROTECTED] that >are empty?? > >Larry Puckette >Network Analyst >Temple Inland >[EMAIL PROTECTED] >512-434-1838 >Where there is no idol but money and power, there is no hope for integrity. > > -----Original Message----- >From: Maximus [mailto:[EMAIL PROTECTED] >Sent: Thursday, July 24, 2003 9:02 PM >To: [EMAIL PROTECTED] >Subject: RE: Vty access class [7:72990] > >I believe the standard ACL should be enough since your already specifying >transport input ssh on line vty 0 4. > >Just my $0.02 > >Jablonski, Michael wrote: >> >> I'm having a bit of trouble with extended access-lists for vty >> access. >> Basically I'd like to setup an extended access list that only >> allows ssh >> access from certain IPs, but after creating the list and >> applying it to the >> VTY I lose access. But if I use a standard acl only allowing >> certain IPs it >> works fine... >> >> ip access-list extended local_shell >> permit tcp host 192.168.1.2 host 192.168.1.1 eq 22 >> >> vty 0 4 >> access-class local_shell in >> transport input ssh >> >> Is the standard enough & is the above over-kill? >> >> Thanx, >> mkj +++++++++++++++++++++++++++++++++ International Network Services Darren S. Crawford - CCNP, CCDP, CISSP Sr. Network Systems Consultant Northwest Operation - Sacramento Office Voicemail: (916) 859-5200 x310 Pager: (800) 467-1467 Text Page: [EMAIL PROTECTED] Email: mailto://[EMAIL PROTECTED] Web: www.ins.com +++++++++++++++++++++++++++++++++
Every Job is a Self-Portrait of the person Who Did It...Autograph Your Work With EXCELLENCE! Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=73003&t=72997 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
