?
Solved

NTP access list help

Posted on 2010-11-19
1
Medium Priority
?
476 Views
Last Modified: 2012-05-10
the request:

-8.x needs UDP access to 20.x and 21.
-We also need 12.x subnet to be able have NTP access to the 22.x

i'm reading that as 1) 8.x needs to be able to send UDP traffic to 20.x and 21.x and 2)  12.x needs to send NTP traffic to 22.x.

based on a year old config file that was sent to me, each subnet is a vlan with extended access groups for inbound and outbound traffic. i am going to have to look at the current config when i visit my client and go from there.

would this be accomplished by?

for 1)
ip access-list extended vlan8_out
permit udp x.x.8.0 0.0.0.255 any

ip access-list extended vlan20_in
permid udp x.x.8.0 0.0.0.255 any

ip access-list extended vlan21_in
permid udp x.x.8.0 0.0.0.255 any

for 2)

ip access-list extended vlan12_out
permit udp any eq ntp x.x.22.0 0.0.0.255

ip access-list extended vlan22_in
permit udp any eq ntp x.x.22.0 0.0.0.255
0
Comment
Question by:Netrinc
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 3

Accepted Solution

by:
GeneralMandible earned 2000 total points
ID: 34174617
I think this is what you're looking for:

for 1)
ip access-list extended vlan8_out
permit udp any x.x.20.0 0.0.0.255
permit udp any x.x.21.0 0.0.0.255

ip access-list extended vlan20_in
permit udp x.x.8.0 0.0.0.255 any

ip access-list extended vlan21_in
permit udp x.x.8.0 0.0.0.255 any

for 2)

ip access-list extended vlan12_out
permit udp any x.x.22.0 0.0.0.255 eq ntp

ip access-list extended vlan22_in
permit udp x.x.8.0 0.0.0.255 any eq ntp
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Getting hacked is no longer a matter or "if you get hacked" — the 2016 cyber threat landscape is now titled "when you get hacked." When it happens — will you be proactive, or reactive?
I recently attended Cisco Live! in Las Vegas, a conference that boasted over 28,000 techies in attendance, and a week of hands-on learning hosted by a solid partner with which Concerto goes to market.  Every year, Cisco displays cutting-edge technol…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Suggested Courses

801 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question