Telnet to 800 series

First, use SSH if they support it...not sure on 800s but I know most other Cisco devices do. Second, anyway to VPN into a central place like your home or office and telnet/ssh from there? That way you can open up only that IP address on your 800s. Of course this also relies on vpn uptime and redundancy....if its down...you're down.

No, if you are coming from a remote network via telnet then your MAC address will already have been stripped off by your local router. MAC addresses aren't carried in IP packets. MAC information is only carried in layer 2 encapsulation on local ethernet segments.

As Trendkill said, VPN to a jump off box is the best option if you have that available.

Chris.

The easiest way I've found to get around this restriction securely (Cisco has had a habit of charging extra for ssh capable feature sets) is to ssh to a local box (just about anything running an OS other than Windows) and then do a local telnet from there to the box to be managed. That way you can configure the managed boxes to only accept telnet sessions from relatively safe local IP's, minimizing your exposure. For Internet facing boxes, the connection is a serial port on the inside PC connected to the console port on the outside box. Great application for those antique notebook PCs with barely enough horsepower to run Windows 98, but plenty for a few Linux console sessions.

Good luck and have fun!

1.) MAC addresses or only visible on the local layer 2 network. 2.) MAC addresses can be spoofed very easily. Linux supports setting the MAC address of an ethernet interface via the command "ifconfig eth hw ethernet ".

Kind regards

At least IOS 12.4 on the 877W supports it.

Kind regards