Wednesday, June 15, 2011

How do you enable Telnet on Switchports - CAT 3560

We are using a Catalyst 3560 POE 8 switch to terminate our metro internet connection.
We have our external stuff set up on VLAN 999 on F0/1, and our internal stuff is on VLAN 666 on F0/2 and F0/3. We recently realized that our VLAN 999 (which is exposed to the internet) also has telnet enabled. We need to shut that down. But we also need to retain telnet access from the inside.

Can we get ssh working on this switch? It doesn't have a crypto load. Our question is: "How can we enable telnet on some switchports or VLANs (F0/2, F0/3, VLAN 666), and disable it on others (F0/1, VLAN 999)?" Is that possible?

Please follow the steps below

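Under line vty 0 5
You can apply a standard ACL to inbound sessions on those lines using
access-class xx in
and define that ACL in global configuration with
access-list xx permit <inside-subnet> <wildcard-mask>
The ACL should permit only the IP subnet associated with the inside VLAN. Because a standard ACL ends with an implicit deny, telnet attempts from any other source address are refused.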

The switch may have more vty lines than 0 - 5; be aware of this. Also consider applying the ACL to all of them for your safety.
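To check the point about the extra vty lines, the following added example (not from the original post) parses a saved running-config and reports every vty range that accepts remote sessions without a defined inbound access-class. The function name audit_vty, the sample configuration, and the subnet 10.66.6.0/24 are constructed for illustration.

```python
import re

# Constructed running-config excerpt (not from the original post): the ACL
# covers vty 0 4 only; 5 10 has no ACL and 11 15 names an ACL never defined.
SAMPLE_CONFIG = """\
access-list 10 permit 10.66.6.0 0.0.0.255
!
line con 0
line vty 0 4
 access-class 10 in
 login
line vty 5 10
 login
 transport input telnet
line vty 11 15
 access-class 20 in
 login
"""

def audit_vty(config):
    """Return [(first, last, reason)] for vty ranges not covered by a defined inbound ACL."""
    acls = set(re.findall(r"^access-list (\d+) ", config, re.M))
    acls |= set(re.findall(r"^ip access-list standard (\S+)", config, re.M))
    blocks, current = {}, None
    for line in config.splitlines():
        m = re.match(r"line vty (\d+)(?: (\d+))?\s*$", line)
        if m:
            current = (int(m.group(1)), int(m.group(2) or m.group(1)))
            blocks[current] = []
        elif current and line.startswith(" "):
            blocks[current].append(line.strip())
        else:
            current = None  # any other top-level line ends the vty block
    findings = []
    for (first, last), body in sorted(blocks.items()):
        if "transport input none" in body:
            continue  # no remote protocol is accepted on these lines
        acl = next((m.group(1) for l in body
                    if (m := re.match(r"access-class (\S+) in\b", l))), None)
        if acl is None:
            findings.append((first, last, "no inbound access-class"))
        elif acl not in acls:
            findings.append((first, last, f"access-class {acl} is not defined"))
    return findings

if __name__ == "__main__":
    for first, last, reason in audit_vty(SAMPLE_CONFIG):
        print(f"line vty {first} {last}: {reason}")
```

Run it against the output of show running-config saved to a file; an empty result means every reachable vty range references an ACL that exists in that configuration.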

Citation - This blog post does not reflect original content from the author. Rather, it summarizes content that is relevant to the topic from different sources on the web. The sources might include online discussion boards, forums, websites and others.

