Applying the access list to terminal line – ATL Telecom R1-SW Ethernet Switch User Manual

Configuring Security

10-9

Applying the Access List to Terminal Line

After you create an access list, you can apply it to terminal line. In this case, access lists can be
applied on both outbound and inbound flows. To restrict terminal line access to the system
using access lists, enter commands such as the following:

Table 10-3 Applying the access list to terminal line

Command

Task

line vty

1. Enter the VTY-line configuration mode.

access-class

<list-number>

{in | out}

2. Apply the access lists to terminal line.

y <list-number>

: Number of an IP access list (1 ~ 99, 1300 ~

1999).

y in

: Restricts incoming connections between the system and

the addresses in the access list.

y out

: Restricts outgoing connections between the system and

the addresses in the access list.

end

3. Return to Privileged mode.

write memory

4. Save the configuration.

The following example shows how to apply the access list to terminal line. The Corecess R1-
SW24L2B allows Telnet access to all IP addresses except the hosts listed in access list 2.

(config)# line vty

(config-line)# access-class 2 in

(config-line)# end

# write memory

Building Configuration...

[OK]

The following example show how to apply the access list to terminal line. The Corecess R1-
SW24L2B denies connections to networks other than network 192.89.55.0:

# configure terminal

(config)# access-list 12 permit 192.89.55.0 0.0.0.255

(config)# line vty 0 5

(config-line)# access-class 12 out

(config-line)# end

# write memory

Building Configuration...

[OK]