Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
SSL telnet connection 1
- Thread starter misha6
- Start date
Not SSL (secure socket layer) but, with the proper software load, you can run SSH ( secure shell) which is you meant, I think 
By disabling telnet by using an access list and allowing SSH from certain IP addresses you can make big strides towards security. You also can also do things like deny telnet at the VTY session. Make sure http is disbabled, SNMP has a tight community string and uses an ACL for access to it will also help
There is alot more at the NSA Security Guidelines which gives a step by step to locking down a Cisco (or other) router.
MikeS
Find me at
"Take advantage of the enemy's unreadiness, make your way by unexpected routes, and attack unguarded spots."
Sun Tzu
By disabling telnet by using an access list and allowing SSH from certain IP addresses you can make big strides towards security. You also can also do things like deny telnet at the VTY session. Make sure http is disbabled, SNMP has a tight community string and uses an ACL for access to it will also help
There is alot more at the NSA Security Guidelines which gives a step by step to locking down a Cisco (or other) router.
MikeS
Find me at
"Take advantage of the enemy's unreadiness, make your way by unexpected routes, and attack unguarded spots."
Sun Tzu
-
1
- #3
ciscoexpert
IS-IT--Management
Enable SSH on routers using following link.
You will need to have the specified IOS version in the link, to enable SSH.
On vty lines, you can disable, telnet first, and only allow SSH, by using the command
line vty 0 4
transport input ssh
Further you can use access class to restrict the hosts from which you can SSH into the router.
Also you can download a free SSH client such as PUTTY (search in google for it).
Hope that helps
Sankar Nair
General Datatech l.p.
You will need to have the specified IOS version in the link, to enable SSH.
On vty lines, you can disable, telnet first, and only allow SSH, by using the command
line vty 0 4
transport input ssh
Further you can use access class to restrict the hosts from which you can SSH into the router.
Also you can download a free SSH client such as PUTTY (search in google for it).
Hope that helps
Sankar Nair
General Datatech l.p.
- Status