cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
315
Views
0
Helpful
1
Replies

TFTP security lockdown

btrice
Level 1
Level 1

We have multiple 3845 running CCME. We have been hit by our audit committee that TFTP is open on these devices. I know that tftp has to be open for the Cisco phones to function, but is there a way to lock the router down globally where no network can get to it except for the voice segment?

1 Reply 1

Collin Clark
VIP Alumni
VIP Alumni

You could put an ACL on the other interfaces denying TFTP.

access-list 100 deny udp any any eq 69

access-list 100 permit ip any any

Hope that helps.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: