Filtering Router Service Traffic
This section explains how to implement ACLs to filter IP traffic that is destined for the following router services:
Telnet
SNMP
Routing protocols
Telnet Service
Telnet (vty) is typically used by systems administrators to access the router for configuration and maintenance. Figure 4-28 shows a portion of the theoretical network from Figure 4-27.
Figure 4-28. Telnet Service Filtering
You should restrict which hosts have access to the vty lines of the router by using an ACL, as demonstrated in Example 4-16.
Example 4-16. Filtering Telnet Service
R2(config)# access-list 105 permit tcp host 16.2.1.3 any eq 23 log
R2(config)# ...
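The check below is an added example, not code from the book: a Python audit that confirms every `line vty` stanza in a saved configuration is bound to a defined inbound ACL. The sample configuration is constructed, and the `access-class ... in` binding it looks for is the standard IOS command for applying an ACL to vty lines, which does not appear in the visible part of Example 4-16.

```python
import re

# Constructed sample running-config (illustrative, not taken from the book).
SAMPLE_CONFIG = """\
access-list 105 permit tcp host 16.2.1.3 any eq 23 log
access-list 105 deny ip any any log
!
line con 0
line vty 0 4
 access-class 105 in
 login
line vty 5 15
 login
"""

# Matches numbered ("access-list 105 ...") and named ACL definitions.
ACL_RE = r"^(?:ip access-list (?:standard|extended)|access-list) (\S+)"


def vty_stanzas(config):
    """Yield (line_range, [sub-commands]) for every 'line vty' stanza."""
    current, body = None, []
    for raw in config.splitlines():
        if raw.startswith("line "):
            if current:
                yield current, body
            m = re.match(r"line vty (\d+(?: \d+)?)", raw)
            current, body = (m.group(1) if m else None), []
        elif current and raw.startswith(" "):
            body.append(raw.strip())
        elif current:  # any non-indented line closes the stanza
            yield current, body
            current, body = None, []
    if current:
        yield current, body


def audit_vty_acls(config):
    """Return (vty_range, finding) for vty lines without a usable inbound ACL."""
    defined = set(re.findall(ACL_RE, config, re.M))
    findings = []
    for rng, body in vty_stanzas(config):
        bound = [m.group(1) for c in body
                 if (m := re.match(r"access-class (\S+) in\b", c))]
        if not bound:
            findings.append((rng, "no inbound access-class"))
        elif bound[-1] not in defined:
            findings.append((rng, f"access-class {bound[-1]} references undefined ACL"))
    return findings
```

On the sample, vty lines 5 through 15 are reported because only lines 0 through 4 carry the ACL, a common gap when a router exposes more vty lines than the original configuration covered.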