ACLs - CCNA

[Autobahn]

Hi All!

Just a quick question, nothing too taxing I'm afraid. If I create a standard acl as follows

access-list 1 deny any
then apply this to the vty 04 int with access-class command...will this restrict all telnet access?

Can I just create access-list 1 without the 'deny any' command and let the implicit deny take care of that bit?

Thanks in advance,

Autobahn

 

[jamin123]

access-list 1 deny any" Yes, all traffice would be deny.

"access-list 1 pemit any" This is useless because all traffic will flow any way.

Use acl to filler and direct the flow of traffic e.g
"access-list 1 pemit 176.10.0.0" permit all host on network 176.10. and implict deny at the end would deny all other traffic.

 

[Autobahn]

Thanks jamin, thats cleared it up a bit, but I was wondering what would happen if you just created a blank access-list. Would it by default deny all telnet access if applied to int vty 0 4??

 

[lui3]

don t do that

just use the

transport input none

 

[baddos]

You need to know what command CISCO thinks is best for the test. Try checking out some CCNA forums or books for the correct (Cisco Test) way.

 

[bierhunter]

Baddos is right. There may be many answers, but the test is looking for 'their' answer.

Another simple way to prevent telnet access is:

line vty 0 4
login
end

Set the login, but do not set a password.