To apply the ACL you type access-class; I’ve been typing access-group instead.
Really helpful, please keep making these types of interesting videos.
Will do! New stuff dropping soon. Thanks for watching.
So does the VTY line encompass the entire terminal? Since you use inbound without specifying an interface but you also put the deny lines, I'm guessing that means that a VTY line is kind of like 1 giant interface for all connections inbound or outbound of the router?
Hello, thanks for the video, it helped me. But if I have another PC in the same subnet as NOC PC1, how can I deny it?
Hey, great question. In the video I did an ACL entry permitting the entire NOC subnet of 10.140.1.0/24 to any using SSH. It was sequence number of 10. What you need to do is create an additional ACL entry denying the "other PC in NOC subnet for SSH". The key here is to use a lower sequence number than 20 so it gets hit before the entry permitting the entire subnet.
For example if the PC you want to deny is 10.140.1.3 and you want to allow everything else in the 10.140.1.0/24 subnet to be able to SSH to the router:
Extended IP access list SSH-ACCESS
5 deny tcp host 10.140.1.3 any eq 22
10 permit tcp 10.140.1.0 0.0.0.255 any eq 22
20 deny tcp any any log
Hope that helps and thanks for watching !
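The first-match behaviour described in the reply above, as an added example (not code from the video or its author): a small Python model of how the SSH-ACCESS entries are checked in sequence order for TCP traffic. The function names are hypothetical, and the resequenced list at the end is constructed to show what happens when the host deny sits after the subnet permit.

```python
import ipaddress

# Entries from the reply above: (sequence, action, source, wildcard, dest port; None = any)
SSH_ACCESS = [
    (5,  "deny",   "10.140.1.3", "0.0.0.0",         22),
    (10, "permit", "10.140.1.0", "0.0.0.255",       22),
    (20, "deny",   "0.0.0.0",    "255.255.255.255", None),
]

def wildcard_match(addr, base, wildcard):
    """Cisco wildcard match: bits that are 0 in the wildcard must be equal."""
    a = int(ipaddress.IPv4Address(addr))
    b = int(ipaddress.IPv4Address(base))
    care = ~int(ipaddress.IPv4Address(wildcard)) & 0xFFFFFFFF
    return (a & care) == (b & care)

def evaluate(acl, src, dport):
    """Return (sequence, action) of the first entry matching a TCP packet."""
    for seq, action, base, wildcard, port in sorted(acl, key=lambda e: e[0]):
        if wildcard_match(src, base, wildcard) and port in (None, dport):
            return seq, action
    return None, "deny"  # implicit deny at the end of every ACL

def resequence(acl, old_seq, new_seq):
    """Copy of the ACL with one entry moved to another sequence number."""
    return [(new_seq if e[0] == old_seq else e[0],) + e[1:] for e in acl]

if __name__ == "__main__":
    # Constructed sample sources: the denied PC, another NOC PC, an outside host
    for src in ("10.140.1.3", "10.140.1.7", "192.0.2.50"):
        print(src, evaluate(SSH_ACCESS, src, 22))
    # Constructed counter-case: host deny moved to 15, after the subnet permit
    late = resequence(SSH_ACCESS, 5, 15)
    print("10.140.1.3 with deny at 15:", evaluate(late, "10.140.1.3", 22))
```

With the host deny at sequence 15, 10.140.1.3 matches the subnet permit at 10 first and the deny entry is never reached.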
Great video man. I have a question, how long did it take you from basic Network+ knowledge to being on the level of a CCIE? How many years roughly?
Hey CT, thanks for watching and glad you liked it. I'm planning on doing a video on my story pretty soon. Here are some dates: I started networking in ‘06 in the Army, did Network+ and CCNA. Left in ‘13 and got CCNP. Passively studied protocols I worked with at a deeper level. ‘17 I committed to becoming an IE along with a coworker. ‘18 passed the written, Dec ‘19 passed the lab. Still always learning things.
@NetworkEngineerPro thank you sir
@NetworkEngineerPro This is the first time I hear about such a thing, CCIE. I am currently in the process of CCNA, aspiring to become a hacker
@yarz2004 Hi, CCNA is great and will build an excellent foundation to learn hacking.