Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

TFTP security lockdown

We have multiple 3845 running CCME. We have been hit by our audit committee that TFTP is open on these devices. I know that tftp has to be open for the Cisco phones to function, but is there a way to lock the router down globally where no network can get to it except for the voice segment?

1 REPLY

Re: TFTP security lockdown

You could put an ACL on the other interfaces denying TFTP.

access-list 100 deny udp any any eq 69

access-list 100 permit ip any any

Hope that helps.

121
Views
0
Helpful
1
Replies
CreatePlease to create content