Good morning folks. It's been a crazy week and I can't figure out why something was breaking during our turn up of a new site.
Gist:
We have a standard VTY ACL we use to limit SSH to 10/8 and block a couple servers. We had a unique situation where I needed to open it up to a few public IPs. When the necessary changes were made, it blocked all connection attempts.
working/usual:
access-list 44 deny 10.250.16.68 0.0.0.1
access-list 44 permit 10.0.0.0 0.255.255.255
access-list 44 deny any
not working:
access-list 44 deny 10.250.16.68 0.0.0.1
access-list 44 permit 10.0.0.0 0.255.255.255
access-list 44 permit 103.13.71.103 0.0.0.0
access-list 44 permit 160.202.13.0 0.255.255.255
access-list 44 deny any
I would like to note/point out that the 4th line was supposed to be a wildcard of 0.0.0.255, as we wanted to just allow the whole /24. I don't think that was the cause because even just the 3rd line being added broke it.
Not sure what was going on, curious if anyone has any insight.
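
An added example, not part of the original post: a small Python model of standard-ACL first-match evaluation with wildcard masks, run over the two lists above. The function names and the test source addresses are constructed for illustration, and the model covers only address matching, not how the device applies the list to the VTY lines.

```python
import ipaddress

# The two lists from the post, one entry per line.
WORKING = """
access-list 44 deny 10.250.16.68 0.0.0.1
access-list 44 permit 10.0.0.0 0.255.255.255
access-list 44 deny any
"""
NOT_WORKING = """
access-list 44 deny 10.250.16.68 0.0.0.1
access-list 44 permit 10.0.0.0 0.255.255.255
access-list 44 permit 103.13.71.103 0.0.0.0
access-list 44 permit 160.202.13.0 0.255.255.255
access-list 44 deny any
"""

def parse_acl(text):
    """Parse 'access-list N permit|deny <addr> [wildcard]' or '... any'."""
    entries = []
    for line in text.strip().splitlines():
        parts = line.split()
        if len(parts) < 4 or parts[0] != "access-list" or parts[2] not in ("permit", "deny"):
            raise ValueError(f"unrecognised ACL line: {line!r}")
        if parts[3] == "any":
            addr, wild = 0, 0xFFFFFFFF          # every bit is "don't care"
        else:
            addr = int(ipaddress.IPv4Address(parts[3]))
            # A missing wildcard means an exact host match (0.0.0.0).
            wild = int(ipaddress.IPv4Address(parts[4])) if len(parts) > 4 else 0
        entries.append((parts[2], addr, wild, line.strip()))
    return entries

def evaluate(entries, src):
    """Return (action, matching line) for a source address; first match wins."""
    s = int(ipaddress.IPv4Address(src))
    for action, addr, wild, line in entries:
        # Only bits where the wildcard is 0 must equal the entry's address.
        if ((s ^ addr) & ~wild & 0xFFFFFFFF) == 0:
            return action, line
    return "deny", "(implicit deny at end of list)"

if __name__ == "__main__":
    # Constructed source addresses, chosen to exercise each entry.
    sources = ["10.250.16.68", "10.250.16.69", "10.1.2.3",
               "103.13.71.103", "160.202.13.5", "160.1.1.1", "192.0.2.1"]
    for name, text in (("working", WORKING), ("not working", NOT_WORKING)):
        for src in sources:
            print(name, src, *evaluate(parse_acl(text), src))
```

In this model the second list still permits 10/8 sources, and the 4th entry with wildcard 0.255.255.255 matches every 160.x.x.x source rather than a single /24.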