6.1 and 6.2 Solutions?
After doing this task badly, I finally got a solution that I thought worked, based upon a couple of the threads here.
1 - Access-class for all VTY lines to restrict the allowed TCP port access to 23 and 3023
2 - Set the autocommand on the VTY line with port 23 access only.
The problem is that if you telnet to port 23 and authenticate with NOC, you will trigger the dynamic firewall exception. Task failed!
Has anyone done the work to solve this with AAA to allow only RDP access to port 23, and if so, can they post it?
Thanks in advance and here's what I had.
Rack1SW1#sh run | s line vty
line vty 0
 access-class VTY0 in
 autocommand access-enable host
line vty 1 4
 access-class VTY14 in

username NOC password 0 CISCO
username RDP password 0 CISCO

Extended IP access list VTY0
    10 permit tcp any any eq telnet
Extended IP access list VTY14
    10 permit tcp any any eq 3023