[afnog] changing ssh port on a cisco router

joseph mpora klashniv at gmail.com
Thu Jul 21 14:10:29 UTC 2011


I eventually did an access list:

interface ethernet0
ip access-group 102 in
!
access-list 102 deny tcp any any eq 22
access-list 102 permit ip any any

Thanks.

Joseph

On Wed, Jul 20, 2011 at 5:17 PM, Shake Righa <shake.righa at gmail.com> wrote:
> Joseph,
> Could you set an access list to deny access via Port 22 and only allow via
> port 2222.
> Regards,
> Shake Righa
>
> On Wed, Jul 20, 2011 at 4:47 PM, joseph mpora <klashniv at gmail.com> wrote:
>>
>> When I tried:
>>
>> ip ssh port 2222 rotary 1
>> line vty 0 4
>>  rotary 1
>>
>> I can log into the router using both port 22 and 2222. I want to block
>> access to ssh on port 22, so that only connections to port 2222 are
>> accepted.
>>
>> Joseph
>>
>> On Wed, Jul 20, 2011 at 4:41 PM, Shake Righa <shake.righa at gmail.com>
>> wrote:
>> > Joseph,
>> > Kindly try at the config mode
>> > ip ssh port <new port> rotary 1  >>>>>>>>>. where new port is where you
>> > want
>> > ssh to accept connections on
>> > Router(config)# ip ssh port 2011 rotary 1
>> > Router(config)#line vty 0 4
>> > Router(config-line)#rotary 1
>> >
>> > Regards,
>> > Shake Righa
>> >
>> >
>> > On Wed, Jul 20, 2011 at 4:32 PM, joseph mpora <klashniv at gmail.com>
>> > wrote:
>> >>
>> >> Dear All,
>> >>
>> >> Am having trouble changing the port SSH listens on a cisco router. I
>> >> have been able to get it to listen on port 2000 but connections to
>> >> port 22 are also accepted.
>> >>
>> >> I would like to only allow ssh connections on port 2000.
>> >>
>> >> Below are the configs an using:
>> >>
>> >> ip ssh port 2000 rotary 1
>> >> line con 0
>> >> line aux 0
>> >> line vty 0 4
>> >>  rotary 1
>> >>  transport preferred ssh
>> >>  transport input ssh
>> >>  transport output ssh
>> >> line vty 5 807
>> >>  rotary 1
>> >>  transport input ssh
>> >>
>> >> Additional Information:
>> >>
>> >> Cisco IOS Software, 2801 Software (C2801-SPSERVICESK9-M), Version
>> >> 12.4(24)T4, RELEASE SOFTWARE (fc2)
>> >> ROM: System Bootstrap, Version 12.3(8r)T9, RELEASE SOFTWARE (fc1)
>> >> System image file is "flash:c2801-spservicesk9-mz.124-24.T4.bin"
>> >>
>> >> Please let me know if what am trying to do is achievable and how it can
>> >> be
>> >> done.
>> >>
>> >> Thank you.
>> >>
>> >> Regards,
>> >> Joseph Mpora
>> >>
>> >> _______________________________________________
>> >> afnog mailing list
>> >> http://afnog.org/mailman/listinfo/afnog
>> >
>> >
>
>



More information about the afnog mailing list