Solved

NTP access list help

Posted on 2010-11-19
1
462 Views
Last Modified: 2012-05-10
the request:

-8.x needs UDP access to 20.x and 21.
-We also need 12.x subnet to be able have NTP access to the 22.x

i'm reading that as 1) 8.x needs to be able to send UDP traffic to 20.x and 21.x and 2)  12.x needs to send NTP traffic to 22.x.

based on a year old config file that was sent to me, each subnet is a vlan with extended access groups for inbound and outbound traffic. i am going to have to look at the current config when i visit my client and go from there.

would this be accomplished by?

for 1)
ip access-list extended vlan8_out
permit udp x.x.8.0 0.0.0.255 any

ip access-list extended vlan20_in
permid udp x.x.8.0 0.0.0.255 any

ip access-list extended vlan21_in
permid udp x.x.8.0 0.0.0.255 any

for 2)

ip access-list extended vlan12_out
permit udp any eq ntp x.x.22.0 0.0.0.255

ip access-list extended vlan22_in
permit udp any eq ntp x.x.22.0 0.0.0.255
0
Comment
Question by:Netrinc
1 Comment
 
LVL 3

Accepted Solution

by:
GeneralMandible earned 500 total points
ID: 34174617
I think this is what you're looking for:

for 1)
ip access-list extended vlan8_out
permit udp any x.x.20.0 0.0.0.255
permit udp any x.x.21.0 0.0.0.255

ip access-list extended vlan20_in
permit udp x.x.8.0 0.0.0.255 any

ip access-list extended vlan21_in
permit udp x.x.8.0 0.0.0.255 any

for 2)

ip access-list extended vlan12_out
permit udp any x.x.22.0 0.0.0.255 eq ntp

ip access-list extended vlan22_in
permit udp x.x.8.0 0.0.0.255 any eq ntp
0

Featured Post

IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
VPN Problems 3 52
Cisco 2921 WIC card 2 43
Switch Speed 2 59
Sonicwall routing between VPNs 5 27
This article is a guide to configure bridging on Cisco Routers.  This is something I never knew was possible until after making a few phone calls to Cisco.  Using bridging saved our company money by not requiring us to purchase a new switch.  Bridgi…
Getting hacked is no longer a matter or "if you get hacked" — the 2016 cyber threat landscape is now titled "when you get hacked." When it happens — will you be proactive, or reactive?
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now