https://kb.juniper.net/InfoCenter/index?page=content&id=KB23547
The article states it applies to VRFs, but it also applies to routing instances of type "virtual-router". --Stacy > On Jul 15, 2015, at 10:11 AM, Victor Sudakov <[email protected]> wrote: > > Colleagues, > > I have customers' networks connected to routing-instances of type > "virtual-router." These routing-instances are supposed to be isolated > and use their own address space. > > However, a customer can telnet/ssh from their network to the > virtual-router's IP address effectively telnetting to the main device. > > Is there an elegant way to prevent this from happening, i.e. to permit > telnet/ssh access from hosts in the inet.0 table but deny from hosts > from the CUSTOMERXX.inet.0 table? > > Thanks in advance for any input. > > -- > Victor Sudakov, VAS4-RIPE, VAS47-RIPN > sip:[email protected] > _______________________________________________ > juniper-nsp mailing list [email protected] > https://puck.nether.net/mailman/listinfo/juniper-nsp _______________________________________________ juniper-nsp mailing list [email protected] https://puck.nether.net/mailman/listinfo/juniper-nsp
