Learn how to block Telnet from one network and allow it from other networks using an ACL configuration on a Cisco router. This lab shows how to use an ACL on the router to block or allow Telnet packets depending on the source network.
After going through this article you will be able to block Telnet from any network you want and, at the same time, allow Telnet or even SSH from certain networks.
So what am I actually going to do in this lab?
- Telnet will be configured on router R1.
- No one from network 220.127.116.11/8 should be able to telnet to router R1.
- At the same time, PCs from networks 18.104.22.168/8, 22.214.171.124/8 and 126.96.36.199/8 should be allowed to telnet to router R1.
Step 1: Draw the network topology diagram, assign IP addresses to the routers and PCs, and configure whichever routing suits you.
I hope you already know how to do these things.
Step 2: Configure Telnet on router R1:

    R1>en
    R1#config t
    Enter configuration commands, one per line. End with CNTL/Z.
    R1(config)#enable password ccna
    R1(config)#line vty 0 4
    R1(config-line)#password ccnp
    R1(config-line)#login
    R1(config-line)#exit
    R1(config)#

Step 3: Configure an ACL on router R1 to block network 188.8.131.52/8 from telnetting to R1 and to allow networks 184.108.40.206/8, 220.127.116.11/8 and 18.104.22.168/8:

    R1(config)#access-list 2 permit 22.214.171.124 0.255.255.255
    R1(config)#access-list 2 permit 126.96.36.199 0.255.255.255
    R1(config)#access-list 2 permit 188.8.131.52 0.255.255.255
    R1(config)#access-list 2 deny 184.108.40.206 0.255.255.255
    R1(config)#line vty 0 4
    R1(config-line)#access-class 2 in
    R1(config-line)#exit
    R1(config)#

Step 5: Verify that the ACL blocks and allows Telnet packets as intended.
You can clearly see that a PC from network 220.127.116.11/8 can telnet to router R1 because it is allowed in the ACL.
You can also see that PCs from network 18.104.22.168/8 are not able to telnet to router R1 because this network has been blocked from doing so.
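
How the router evaluates the ACL entered in Step 3, as an added example that is not part of the original lab: this Python sketch applies each wildcard mask in order, stops at the first matching entry, and falls through to the implicit deny that ends every ACL. The function names and the test source addresses are constructed for illustration.

```python
import ipaddress

# ACL 2 exactly as entered in Step 3 of this lab.
ACL_2 = """\
access-list 2 permit 22.214.171.124 0.255.255.255
access-list 2 permit 126.96.36.199 0.255.255.255
access-list 2 permit 188.8.131.52 0.255.255.255
access-list 2 deny 184.108.40.206 0.255.255.255
"""

def parse_standard_acl(text):
    """Parse 'access-list <n> permit|deny <addr> <wildcard>' lines, keeping their order."""
    entries = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 5 or parts[0] != "access-list":
            continue  # this sketch handles only the address + wildcard form
        action, addr, wildcard = parts[2], parts[3], parts[4]
        entries.append((action,
                        int(ipaddress.IPv4Address(addr)),
                        int(ipaddress.IPv4Address(wildcard))))
    return entries

def evaluate(entries, source):
    """Return (action, entry_number); entry_number is None when the implicit deny applies."""
    src = int(ipaddress.IPv4Address(source))
    for number, (action, addr, wildcard) in enumerate(entries, start=1):
        care = ~wildcard & 0xFFFFFFFF  # wildcard bit 0 = must match, bit 1 = ignored
        if (src ^ addr) & care == 0:
            return action, number      # first matching entry wins
    return "deny", None                # implicit "deny any" at the end of every ACL

if __name__ == "__main__":
    acl = parse_standard_acl(ACL_2)
    # Constructed source addresses, not taken from the lab topology.
    for host in ("22.1.1.10", "126.200.3.4", "184.5.6.7", "9.9.9.9"):
        action, number = evaluate(acl, host)
        reason = f"entry {number}" if number else "implicit deny"
        print(f"{host:<14} {action:<6} ({reason})")
```

Because of the implicit deny, a source that matches no entry is refused just like one that matches the explicit deny line; the explicit line only makes those refusals show up against their own entry.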