Create ‘access-list’ for use with ‘line vty’ – ‘ACL deny is configured’

Details

Access lists control the transmission of packets on an interface, control Virtual Terminal Line (VTY) access, and restrict the contents of routing updates. The Cisco IOS software stops checking the extended access list after a match occurs.

Solution

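Configure the VTY ACL that will be used to restrict management access to the device. In the commands below, the angle-bracket items are placeholders for the ACL number and the permitted management source addresses.
hostname(config)#access-list <vty_acl_number> permit tcp <vty_acl_block_with_mask> any
hostname(config)#access-list <vty_acl_number> permit tcp host <vty_acl_host> any
hostname(config)#access-list <vty_acl_number> deny ip any any log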
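
An added example, not part of the CIS benchmark or the original page: a Python check that parses numbered access-list lines from a saved configuration and reports whether the VTY ACL contains 'deny ip any any log', whether any entry follows it (and so never matches, because IOS stops at the first match), and whether a permit uses source 'any'. ACL numbers 110 and 120, the documentation addresses, and the source-'any' check are assumptions made for illustration.

```python
import re

# Constructed sample configs (not from the original page). ACL numbers and the
# RFC 5737 documentation addresses are assumptions for illustration.
GOOD = """\
access-list 110 permit tcp 192.0.2.0 0.0.0.255 any
access-list 110 permit tcp host 198.51.100.10 any
access-list 110 deny ip any any log
"""
# ACL 110 has the deny entered first; ACL 120 has no deny and permits any source.
BAD = """\
access-list 110 deny ip any any log
access-list 110 permit tcp host 198.51.100.10 any
access-list 120 permit tcp any any
"""

ACE_RE = re.compile(r"^access-list\s+(\d+)\s+(permit|deny)\s+(.+)$")
CATCH_ALL = ("deny", "ip any any log")


def parse_acls(config):
    """Return {acl_number: [(action, match_spec), ...]} in configured order."""
    acls = {}
    for line in config.splitlines():
        m = ACE_RE.match(line.strip())
        if m:
            spec = " ".join(m.group(3).split())  # normalise whitespace
            acls.setdefault(m.group(1), []).append((m.group(2), spec))
    return acls


def audit_vty_acl(config, acl_number):
    """Return a list of findings for one numbered ACL; empty means it passes."""
    aces = parse_acls(config).get(acl_number)
    if not aces:
        return [f"ACL {acl_number} is not defined"]
    findings = []
    if CATCH_ALL not in aces:
        findings.append("missing 'deny ip any any log'")
    else:
        # First match wins, so entries after the catch-all deny never match.
        for action, spec in aces[aces.index(CATCH_ALL) + 1:]:
            findings.append(f"unreachable after deny: {action} {spec}")
    for action, spec in aces:
        if action == "permit" and spec.split()[1:2] == ["any"]:
            findings.append(f"permit with source 'any': {action} {spec}")
    if not any(action == "permit" for action, _ in aces):
        findings.append("no permit entry for management sources")
    return findings
```

The parser handles only the numbered 'access-list' form shown in this control, not named ACLs.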

Supportive Information

The following resource is also helpful.

This security hardening control applies to the following category of controls within NIST 800-53: System and Communications Protection. This control applies to the following type of system: Cisco.

Updated on July 16, 2022