ACL to Block Telnet on a Cisco Router: Cisco Packet Tracer Lab

Posted: 27 Jan 2020 in CCNA

Learn how to block Telnet from specific networks and allow it from others using an ACL configuration on a Cisco router. This lab covers both blocking and allowing Telnet access to the router with an ACL.

In short, this lab is about configuring an ACL on a Cisco router to block or allow Telnet packets from certain networks.

After working through this article you will be able to block Telnet from any network you want and, at the same time, allow Telnet or even SSH from certain networks.

So what am I actually going to do in this lab?

  1. Telnet will be configured on router R1.
  2. No one from network 5.0.0.0/8 should be able to telnet to router R1.
  3. At the same time, PCs from networks 2.0.0.0/8, 3.0.0.0/8 and 4.0.0.0/8 should be allowed to telnet to router R1.

Step 1: Draw the network topology diagram, assign IP addresses to the routers and PCs, and configure whichever routing suits you.

I hope you guys already know how to do these things.

 

Step 2: Configure Telnet on router R1:

 

R1>en

R1#config t

Enter configuration commands, one per line. End with CNTL/Z.

R1(config)#enable password ccna

R1(config)#line vty 0 4

R1(config-line)#password ccnp

R1(config-line)#login

R1(config-line)#exit

R1(config)#

 

Step 3: Configure an ACL on router R1 to block network 5.0.0.0/8 from telnetting to R1 and allow networks 2.0.0.0/8, 3.0.0.0/8 and 4.0.0.0/8.

 

R1(config)#access-list 2 permit 2.0.0.0 0.255.255.255

R1(config)#access-list 2 permit 3.0.0.0 0.255.255.255

R1(config)#access-list 2 permit 4.0.0.0 0.255.255.255

R1(config)#access-list 2 deny 5.0.0.0 0.255.255.255

R1(config)#line vty 0 4

R1(config-line)#access-class 2 in

R1(config-line)#exit

R1(config)#

 

Step 5: Verify that the ACL blocks and allows Telnet packets as intended.

You can clearly see that a PC from network 4.0.0.0/8 can telnet to router R1 because it is allowed in the ACL.

 

You can also see that PCs from network 5.0.0.0/8 are not able to telnet to router R1 because this network has been blocked from telnetting to R1.
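
The first-match logic behind Step 3, as an added Python example that is not part of the original lab: it parses the four `access-list 2` lines and evaluates constructed source addresses against them, including one from a network the ACL never mentions (6.0.0.0/8), which falls through to the implicit deny that ends every Cisco ACL. The function names and the sample host addresses are assumptions made for illustration.

```python
import ipaddress

# The four entries from Step 3, copied from the lab.
ACL_2 = """\
access-list 2 permit 2.0.0.0 0.255.255.255
access-list 2 permit 3.0.0.0 0.255.255.255
access-list 2 permit 4.0.0.0 0.255.255.255
access-list 2 deny 5.0.0.0 0.255.255.255
"""

def parse_standard_acl(text):
    """Return [(action, address_int, wildcard_int)] for each ACL line."""
    entries = []
    for line in text.splitlines():
        parts = line.split()
        # Only the 'address wildcard' form used in the lab is handled here
        # (no 'any' or 'host' keywords); other lines are skipped.
        if len(parts) != 5 or parts[0] != "access-list":
            continue
        _, _, action, addr, wildcard = parts
        entries.append((action,
                        int(ipaddress.IPv4Address(addr)),
                        int(ipaddress.IPv4Address(wildcard))))
    return entries

def evaluate(entries, source):
    """First matching entry wins; no match means the implicit deny applies."""
    src = int(ipaddress.IPv4Address(source))
    for action, net, wildcard in entries:
        care = ~wildcard & 0xFFFFFFFF  # wildcard 0-bits must match exactly
        if (src & care) == (net & care):
            return action
    return "implicit deny"

def audit(acl_text, sources):
    """Map each source address to the verdict the ACL gives it."""
    entries = parse_standard_acl(acl_text)
    return {s: evaluate(entries, s) for s in sources}

if __name__ == "__main__":
    # Constructed sample hosts, one per network of interest.
    hosts = ["2.0.0.10", "4.1.2.3", "5.0.0.10", "6.0.0.10"]
    for src, verdict in audit(ACL_2, hosts).items():
        print(f"{src:<10} -> {verdict}")
```

Because `access-class 2 in` on the vty lines uses this list, any source not covered by a permit entry is refused even without a matching deny line.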

 

Comments
  1. Deepak says:

    Very simple terms to understand, but sir please correct heading of the article. Write ACL instead of ALC
