Cisco IOS router config -- how to disable SSH / SNMP on all but loopback address?

Posted by chris on Server Fault See other posts from Server Fault or by chris
Published on 2012-11-21T16:14:59Z Indexed on 2012/11/21 17:01 UTC
Read the original article Hit count: 277

Filed under:
|
|

Sorry for the naive question; a quick reading of the cisco docs doesn't answer this question...

So I've got a router (say for the sake of argument a 4500 running IOS 15.x)

It has interfaces in 3 different subnets -- 10.0.0.1/24, 10.0.1.1/24, and 10.0.2.1/24 It also has a loopback address of 172.16.0.33

How do I make it so that SSH / SNMP and other administrative traffic works on the 172 address but doesn't work on the IP addresses I wish to only use for L3 forwarding?

Ideally this can be done by disabling the control plane access to these interfaces not just by using an ACL, but whatever, I don't actually care that much as long as it works...

Thanks!

© Server Fault or respective owner

Related posts about cisco

Related posts about acl