06-24-2023 09:53 AM
Hi Firends,
We wants to apply NTP Vulnerability fix in cisco router, below are the requirement and do the needful.
1. We want to use NTP server as Microsoft (Cloud), means want to do client configuration on Cisco router.
2. no other NTP server should not communicate (May be need some access list, so that my router should reach-out only Microsoft NTP server only, not any other could NTP server.
Please help me for sample configuration.
Thanks in Advance,
Srinivas.
06-24-2023 10:20 AM
Hi
Basically you need
conf t
clock timezone GMT- (your GMT)
ntp peer <Microsoft NTP> prefer normal-sync
This should be enough. For ACL but if you need to add
access-list xx permit udp host <your router> <Microsoft NTP> eq ntp
06-24-2023 10:32 AM
Thanks for your response and is it should be in wan interface?
If possible, please help me with configuration in global part and interface part.
06-24-2023 10:42 AM
On the wan interface you can to
int Gix/x
access-group xx in
06-24-2023 11:05 AM
Thanks Flavio, will try and confirm you.
06-24-2023 11:25 AM
Only keep in mind that the ACL may need to be more complex then that in order to handle other trafffics. I am considering only ntp
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide