We have multiple 3845 running CCME. We have been hit by our audit committee that TFTP is open on these devices. I know that tftp has to be open for the Cisco phones to function, but is there a way to lock the router down globally where no network can get to it except for the voice segment?
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...