|
There are two new commands used to
configure vty access:
The
line
Command
Use the line
command
to place the router in line configuration mode.
line {vty-number | vty-range}
The
access-class
Command
Use the access-class
command
to link an existing access list to a terminal line or range of
lines.
access-class access-list-number {in | out}
Virtual Terminal Access Example
Consider the sample configuration that follows:
access-list 12 permit 192.89.55.0 0.0.0.255
!
line vty 0 4
access-class 12 in
In this example, you are permitting any device on network
192.89.55.0 to establish a vty (Telnet) session with the router. Of
course, the user must know the appropriate passwords to enter user
mode and privileged mode. Notice that identical restrictions have
been set on all vty lines (0–4) because you cannot control the vty
line to which a user will connect. The implicit
deny any
still applies in an alternative application, such as limiting vty access.
 |
 |
Lab
Activity |
| |
In
this lab, you will learn how to use the
access-class and line commands to control vty access. |
|
|
|
|