VIVA AFRICA AND SENEGAL, NIGERIA TURN TO DO ARGENTINA NEXT. PORR SAUDI ARABIA ----- Original Message ----- From: "Gaz" To: Sent: Saturday, June 01, 2002 1:25 PM Subject: Re: access-list question? [7:45585]
> If you are trying to restrict telnet access to the router to only those > addresses (192.168.1.0 to 192.168.7.0), you need at least two lines in the > access list. > If you can let 192.168.0.0 /24 through as well, then you can get it down to > one line. > > Rather than using an extended access list, you can use a standard access > list and then apply it as an access class to the VTY lines. > Something like this: > > > access-list 31 deny 192.168.0.0 0.0.0.255 > access-list 31 permit 192.168.0.0 0.0.0.7.255 > > line vty 0 4 > access class 31 in > > Forget the first line if you can let 192.168.0.0 /24 through. > > Anybody's welcome to chip in if I missed something, or even totally screwed > it up. World Cup fever has hit and still recovering. (Any French list > members - ho ho - sorry!) > > What do you call a Frenchman in the 2nd round of the world cup? > Referee! > > > Gaz > > > ""GEORGE"" wrote in message > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > If I wanted to apply a access list to allow only networks from > > 192.168.1.0 to 192.168.7.0 and apply it to the vty lines > > > > is this correct > > > > access-list 101 allow tcp 192.168.1.0 0.0.6.255 eq 23 any > > ? Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=45589&t=45585 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
