
Nice little pitfall

12 years 6 months ago #37575 by TheBishop
I've been translating the config of a series of routers running IOS version 12.x to brand new ones running version 15.
Out of the cardboard box, the brand new routers seem to come with a sort of a default config which, among other things, contains the following.
First, the most generic interface on the unit (in my case Gi0/0) gets a helpful IP address so you can do a remote initial setup:
Code:
interface GigabitEthernet0/0
 description $ETH-LAN$$ETH-SW-LAUNCH$$INTF-INFO-GE 0/0$
 ip address 10.10.10.1 255.255.255.248
 duplex auto
 speed auto
Then, trying even harder to be helpful, Cisco include an access-list to restrict access to the http server to the subnet they assigned to your interface:
Code:
access-list 23 permit 10.10.10.0 0.0.0.7
.....
ip http access-class 23
And finally, because they love being secure, they apply that access list to your virtual terminal lines as well:
Code:
line vty 0 4
 access-class 23 in
 privilege level 15
 login local
 transport input telnet ssh
line vty 5 15
 access-class 23 in
 privilege level 15
 login local
 transport input telnet ssh
So what, you may say. But if you're in a hurry to set your router up so you blast in the new IP address for Gi0/0, slap in the rest of your config, box it up and send it to Timbuktu because the courier will be here in fifteen minutes then you will come undone. When it gets there you'll find you can't access it remotely because that access list 23, which was so helpfully applied to both your http server and VTY lines remember, now bears no resemblance to any of the IP networks configured on your router...
You have been warned!
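
Added example, not part of the original post: a pre-shipping check that parses a config and reports any ACL guarding the VTY lines or the HTTP server whose permitted sources match none of the router's interface subnets (or, if given, a management station address). The 192.168.50.0/24 subnet, the function names and `mgmt_host` are assumptions made for illustration; only `permit` entries of numbered standard ACLs are evaluated.

```python
import ipaddress
import re

# Constructed sample: the default config from the post, with Gi0/0 re-addressed
# to a made-up site subnet and access-list 23 left as it came out of the box.
REBOXED = """\
interface GigabitEthernet0/0
 ip address 192.168.50.1 255.255.255.0
access-list 23 permit 10.10.10.0 0.0.0.7
ip http access-class 23
line vty 0 4
 access-class 23 in
line vty 5 15
 access-class 23 in
"""

def wildcard_net(addr, wildcard=None):
    """Standard-ACL source plus contiguous wildcard mask -> ip_network."""
    if addr == "any":
        return ipaddress.ip_network("0.0.0.0/0")
    if addr == "host":
        return ipaddress.ip_network(wildcard)
    inverted = int(ipaddress.IPv4Address(wildcard or "0.0.0.0")) ^ 0xFFFFFFFF
    return ipaddress.ip_network(f"{addr}/{ipaddress.IPv4Address(inverted)}", strict=False)

def locked_out_acls(config, mgmt_host=None):
    """Map ACL number -> where it is applied, for ACLs that admit nobody useful."""
    nets, permits, applied, context = [], {}, {}, ""
    for raw in config.splitlines():
        line = raw.strip()
        if line and not raw.startswith(" "):
            context = line  # top-level command, e.g. "line vty 0 4"
        if m := re.match(r"ip address (\d\S*) (\d\S*)", line):
            nets.append(ipaddress.ip_interface(f"{m[1]}/{m[2]}").network)
        elif m := re.match(r"access-list (\d+) permit (\S+)(?: (\d\S*))?", line):
            permits.setdefault(m[1], []).append(wildcard_net(m[2], m[3]))
        elif m := re.match(r"(ip http )?access-class (\d+)", line):
            applied.setdefault(m[2], []).append("ip http" if m[1] else context)

    def admits(acl):
        srcs = permits[acl]
        if mgmt_host:  # can the named management station get in?
            return any(ipaddress.ip_address(mgmt_host) in s for s in srcs)
        return any(s.overlaps(n) for s in srcs for n in nets)

    # ACLs that are referenced but not defined in this config are skipped.
    return {a: w for a, w in applied.items() if a in permits and not admits(a)}
```

Running `locked_out_acls(REBOXED)` reports ACL 23 against the HTTP server and both VTY ranges; with the factory address still on Gi0/0 it reports nothing.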
12 years 6 months ago #37576 by Chris
Replied by Chris on topic Re: Nice little pitfall
Oh yes ... thank you Cisco - don't you love it how 'secure' their routers are straight out of the 'box' ? :)

Pretty silly if you ask me - don't know why they do this, but definitely worth mentioning Alan!

Chris Partsenidis.
Founder & Editor-in-Chief
www.Firewall.cx