I ran across this little config snip while switching a router from one ISP to another. I’ve changed the IPs in the access-list to protect the guilty, but I’ve left enough to get the general idea across. Anyone want to take a wild guess as to what’s wrong with the config? I’ll give you a little hint: The first five callers get an unexpected bonus!
aaa authentication login vty local
!
ip access-list extended VTY
 permit ip 172.17.0.0 0.0.255.255 any
 permit ip 192.168.10.0 0.0.0.255 any
!
line vty 0 4
 login authentication vty
 transport input telnet ssh
!
line vty 5 15
 access-class VTY in
 login authentication vty
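The sixth person gets a login; the first five don’t get challenged. The access-class VTY in statement appears only under line vty 5 15, so sessions that land on vty 0 4 are never checked against the ACL.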
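A quick way to catch this class of mistake before a config goes live, written as an added example that is not part of the original post: a small Python audit that walks every `line vty` block and reports ranges with no inbound `access-class`. The function names are hypothetical, the sample input is the config shown above, and only IPv4 `access-class ... in` is checked.

```python
import re

# The configuration from the post, embedded as sample input.
SAMPLE = """\
aaa authentication login vty local
!
ip access-list extended VTY
 permit ip 172.17.0.0 0.0.255.255 any
 permit ip 192.168.10.0 0.0.0.255 any
!
line vty 0 4
 login authentication vty
 transport input telnet ssh
!
line vty 5 15
 access-class VTY in
 login authentication vty
"""

LINE_HDR = re.compile(r"^line\s+(\S+)\s+(\d+)(?:\s+(\d+))?$")
ACCESS_CLASS_IN = re.compile(r"^access-class\s+(\S+)\s+in\b")


def vty_blocks(config):
    """Return [first, last, inbound_acl_or_None] for every 'line vty' block."""
    blocks, current = [], None
    # Lines are stripped, so indented and flattened configs parse the same way.
    for line in map(str.strip, config.splitlines()):
        hdr = LINE_HDR.match(line)
        if hdr:  # any 'line ...' header closes the previous block
            current = None
            if hdr.group(1) == "vty":
                current = [int(hdr.group(2)), int(hdr.group(3) or hdr.group(2)), None]
                blocks.append(current)
        elif line in ("!", "end"):
            current = None
        elif current is not None and (acl := ACCESS_CLASS_IN.match(line)):
            current[2] = acl.group(1)
    return blocks


def unfiltered_vtys(config):
    """VTY ranges that accept connections with no inbound access-class."""
    return [(first, last) for first, last, acl in vty_blocks(config) if acl is None]


if __name__ == "__main__":
    for first, last in unfiltered_vtys(SAMPLE):
        print(f"line vty {first} {last}: no inbound access-class")
```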