01-26-2005 07:42 AM
For security policies, we need to block all unused tcp/udp ports on our routers, incuding ftp port (used for large flash files upload). Is this possible on 2500 & 2600 Routers? How? Should we left it open for management reasons?
Thanks in advance for your comments....
01-26-2005 08:31 AM
Your IOS is probably too old for Cisco Autosecure, here is some good reading from NSA;
01-27-2005 06:02 AM
These are the IOS on the routers:
c2600-i-mz.120-7.T 12.0(7)T
c2600-i-mz.120-4.T 12.0(4)T
c2500-i-l.120-10 12.0(10)
01-27-2005 08:15 AM
If you have problems hitting the NSA site, here's another great document provided by Cisco to lock down your IOS devices:
http://www.cisco.com/en/US/partner/tech/tk648/tk361/technologies_tech_note09186a0080120f48.shtml
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide