We're Sorry, Full Content Access is for Members Only...

If you like to keep on reading, Become a Member Now! Here is why:

  • Learn any CCNA, CCNP and CCIE R&S Topic. Explained As Simple As Possible.
  • Try for Just $1. The Best Dollar You've Ever Spent on Your Cisco Career!
  • Full Access to our 651 Lessons. More Lessons Added Every Week!
  • Content created by Rene Molenaar (CCIE #41726)

445 Sign Ups in the last 30 days

satisfaction-guaranteed
100% Satisfaction Guaranteed!
You may cancel your monthly membership at any time.
No Questions Asked!

Tags:


Forum Replies

  1. Hi Rene,

    I think telnet traffic filter in line vty NOT per interface ? correct me if I wrong.

  2. Hi @hussien.samer,

    It’s working fine here:

    R2(config)#ipv6 access-list R1_TRAFFIC   
    R2(config-ipv6-acl)#deny tcp any any eq telnet
    R2(config-ipv6-acl)#permit any any
    
    R2(config)#interface GigabitEthernet 2
    R2(config-if)#ipv6 traffic-filter R1_TRAFFIC in
    

    This blocks telnet traffic and permits everything else:

    R1#telnet 2001:DB8:0:12::2
    Trying 2001:DB8:0:12::2 ... 
    % Connection timed out; remote host not responding
    
    R1#ping 2001:DB8:0:12::2
    Type escape sequence to abort.
    Sending 5, 100-byte ICMP Echos to 2001:DB8:0:12::2, timeout is 2 seconds:
    !!!!!
    Success rat
    ... Continue reading in our forum

  3. I tested this on Cisco VIRL. You might also want to try it on some real hardware…could be a IOL quirk :slight_smile:

  4. Maybe, in the end I wanted to know the correct behavior, thanks for your feedback.

  5. Hello Allen

    Yes, that is counter-intuitive! Can you share with us a little more of your configuration? Can you include your topology, the application of the access list on the interface(s) as well as what seq 10 was originally?

    Laz

11 more replies! Ask a question or join the discussion by visiting our Community Forum