Cisco IOS router config -- how to disable SSH / SNMP on all but loopback address?
Posted
by
chris
on Server Fault
See other posts from Server Fault
or by chris
Published on 2012-11-21T16:14:59Z
Indexed on
2012/11/21
17:01 UTC
Read the original article
Hit count: 277
Sorry for the naive question; a quick reading of the cisco docs doesn't answer this question...
So I've got a router (say for the sake of argument a 4500 running IOS 15.x)
It has interfaces in 3 different subnets -- 10.0.0.1/24, 10.0.1.1/24, and 10.0.2.1/24 It also has a loopback address of 172.16.0.33
How do I make it so that SSH / SNMP and other administrative traffic works on the 172 address but doesn't work on the IP addresses I wish to only use for L3 forwarding?
Ideally this can be done by disabling the control plane access to these interfaces not just by using an ACL, but whatever, I don't actually care that much as long as it works...
Thanks!
© Server Fault or respective owner