Telnet to 800 series

Hello
I have several clients that have 800series modems
I use telenet to remote access them.
My proiblem is that i travel a lot so I'm on different IP addresses,
but always with the same laptop therefore the same MAC address
Is there any way to set up access-lists or some other way to look for
my MAC address before giving me access.
If not this way can anyone tell what is the best way, as i don't
really want them left open to the world
Thanks in advance
Reply to
Super Slueth
Loading thread data ...
First, use SSH if they support it...not sure on 800s but I know most other Cisco devices do. Second, anyway to VPN into a central place like your home or office and telnet/ssh from there? That way you can open up only that IP address on your 800s. Of course this also relies on vpn uptime and redundancy....if its down...you're down.
Reply to
Trendkill
No, if you are coming from a remote network via telnet then your MAC address will already have been stripped off by your local router. MAC addresses aren't carried in IP packets. MAC information is only carried in layer 2 encapsulation on local ethernet segments.
As Trendkill said, VPN to a jump off box is the best option if you have that available.
Chris.
Reply to
chris
The easiest way I've found to get around this restriction securely (Cisco has had a habit of charging extra for ssh capable feature sets) is to ssh to a local box (just about anything running an OS other than Windows) and then do a local telnet from there to the box to be managed. That way you can configure the managed boxes to only accept telnet sessions from relatively safe local IP's, minimizing your exposure. For Internet facing boxes, the connection is a serial port on the inside PC connected to the console port on the outside box. Great application for those antique notebook PCs with barely enough horsepower to run Windows 98, but plenty for a few Linux console sessions.
Good luck and have fun!
Reply to
Vincent C Jones
1.) MAC addresses or only visible on the local layer 2 network.
2.) MAC addresses can be spoofed very easily. Linux supports setting the MAC address of an ethernet interface via the command "ifconfig eth hw ethernet ".
Kind regards
Reply to
Matthias Scheler
At least IOS 12.4 on the 877W supports it.
Kind regards
Reply to
Matthias Scheler

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.