Verifying the Policy of No Telnet

Let’s run a second test to see whether Telnet is denied (which it should be because of our ACL rule). In Packet Tracer, we input the details the same as before but change the port to 23, which is the well-known destination port for Telnet, and run the test. Figure 16-20 shows the results.

Image

Figure 16-20 Verifying the ACL Is Preventing Telnet Through the ASA

This time we see that the initial route lookup took place, but when the ACL was checked, it failed and told us the result. The nice part of this is that it can assist in isolating not only that it did not work, but also the exact component (the reason) that ...

Get Santos:CCNA Sec 210-260 OCG now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.