Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation

Who Me Too'd this topic

Blocking NTP and SNMP

zekebashi
Level 4
Level 4

‎10-26-2018 09:11 AM - edited ‎03-03-2019 08:55 AM

Hello,

 

I need to block ingress ntp and snmp traffic from the Internet to a few IP blocks our company owns and live inside our network. The ACL needs to be created on an ASR1001. Here's the ACL I created but I am not 100% sure if it is correct. Do you see anything wrong with this ACL: 

 

ip access-list extended BLOCKED_INGRESS_Trfc
 
 10 deny  ntp any 1.1.1.0 255.255.255.0 log-input
 20 deny  ntp any 2.2.2.0 255.255.255.0 log-input
 30 deny  ntp any 3.3.3.0 255.255.255.0 log-input
 40 deny  ntp any 4.4.4.0 255.255.255.0 log-input
 50 deny  snmp any 1.1.1.0 255.255.255.0 log-input
 60 deny  snmp any 2.2.2.0 255.255.255.0 log-input
 70 deny  snmp any 3.3.3.0  255.255.255.0 log-input
 90 deny  snmp any 4.4.4.0 255.255.255.0 log-input
 permit ip any any

 

Thanks in advance.

~zK

 

 

1 person had this problem
Labels:
0 Helpful
Who Me Too'd this topic