Aug 30 2011   12:36AM GMT

Remote Access ACLs

Joshua Wood

Hi all, I see it all of the time. An administrator has a solid network. Security isn’t bad; in most cases it is in fact pretty good. But the network is highly exposed to hackers because nothing restricts who can attempt to log in to the routers and switches. In pretty much every network device that I have worked with, there is a way to restrict which remote users can reach the management logins of routers and switches. Mostly this restriction is based on an access control list (ACL) that limits which networks you can manage the devices from.

Implementing them is simple enough. On a Cisco device you create an ACL; a standard one usually suffices. For example, “ip access-list standard 99”. Then you enter line configuration mode with “line vty 0 15”. This will allow you to configure all 15 of the available telnet or SSH lines. Then use “access-class 99 in”. If all goes well, you haven’t locked yourself out of your networked device. I recommend tweaking the ACL via testing on a non-production device. The “reload in 10” command works well for a remote device: it schedules a reboot in 10 minutes, so an unsaved change that locks you out is discarded when the device restarts.
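To check that the steps above actually took effect on every vty range, the following audit script parses a saved running-config and reports vty lines that have no inbound access-class, reference an undefined ACL, or reference an ACL that permits any source. It is an added example, not code from the original post; the function name `audit_vty` and the sample config are constructed for illustration, and only standard ACLs are handled.

```python
import re

# Constructed sample config (not from the post); 192.0.2.0/24 is a documentation range.
SAMPLE_CONFIG = """\
ip access-list standard 99
 permit 192.0.2.0 0.0.0.255
!
line vty 0 4
 access-class 99 in
 transport input ssh
line vty 5 15
 transport input ssh
"""

def audit_vty(config):
    """Return (vty header, problem) pairs for vty lines without a usable inbound ACL."""
    acls, vty = {}, {}  # ACL id -> [(action, source)]; vty header -> ACL id or None
    ctx = None          # block being read: ("acl", id) or ("vty", header)
    for raw in config.splitlines():
        line = raw.strip()
        if not raw.startswith(" "):
            ctx = None  # any unindented line closes the previous block
        one_line = re.match(r"access-list (\S+) (permit|deny)\s+(.+)", line)
        if one_line:  # classic numbered form: access-list 99 permit ...
            acls.setdefault(one_line.group(1), []).append(one_line.group(2, 3))
        elif line.startswith("ip access-list standard "):
            ctx = ("acl", line.split()[3])
            acls.setdefault(ctx[1], [])
        elif line.startswith("line vty"):
            ctx = ("vty", line)
            vty[line] = None
        elif ctx and ctx[0] == "acl":
            entry = re.match(r"(?:\d+\s+)?(permit|deny)\s+(.+)", line)
            if entry:
                acls[ctx[1]].append(entry.group(1, 2))
        elif ctx and ctx[0] == "vty":
            applied = re.match(r"access-class (\S+) in\b", line)
            if applied:
                vty[ctx[1]] = applied.group(1)
    findings = []
    for header, acl in vty.items():
        entries = acls.get(acl, [])
        if acl is None:
            findings.append((header, "no inbound access-class"))
        elif not entries:
            findings.append((header, f"ACL {acl} is not defined or empty"))
        elif any(act == "permit" and src.split()[0] == "any" for act, src in entries):
            findings.append((header, f"ACL {acl} permits any source"))
    return findings
```

Calling `audit_vty(SAMPLE_CONFIG)` flags `line vty 5 15`, the range that was left without an access-class.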

Until next time,
TechStop (JW)
