Block SSH connections

[sscn]

Hello everyone.
I'm having a hard time trying to block incoming ssh connections to my router alcatel 7750 (brute force attacks)
Does anybody know how to ONLY allow ssh connections thru the system ip? thats because a simple ACL doesn't work cuz I'm getting connections attempts from all the interfaces on the router (more than 200+).


I will be eternally grateful if someone could help me

[paramount]

Hi, best way is a cpm filter. If you create an ip filter under the cpm filter and limit it there.

All cpm bound traffic will need to go through this filter and you can set to only allow system address as destination for ssh here.

If you don't already have this in place set the default action to allow and then add your ssh filters in correct order. Careful not to lock yourself out.

Would try in lab first if it's a live box.

There are other ways to try and limit this type of traffic.

Cheers

Sent from my C6833 using Tapatalk