Deny NTP at a certain time everyday
Yeah. Time-based ACL is an extended ACL feature, so you can’t do something like ntp access-group…since that only takes a standard numbered ACL. An ACL on the outbound interface won’t stop locally generated NTP packets. I had to do ip local policy route-map. Another is to use something in 12.4T code: zone-based firewall, where you could do something about locally generated packets without using local policy. Just wonder if there is something simpler.
-lmn
On Jan 18, 2008 7:19 AM, Bajo wrote:
> Hi lmn,
>
> I can think of playing with
>
> 1. ACL on the interface
> 2. PBR ( set interface to null if a match)
> 3. Nat
> 4. VACL
> 5. MQC
> ALL will use a time-based ACL as a match criteria.
>
> Hopefully, someone will show some cool-tricks
>
> R3#sh ip nbar port-map | in ntp
> port-map nntp udp 119
> port-map nntp tcp 119
> port-map ntp udp 123
> port-map ntp tcp 123
> port-map secure-nntp udp 563
> port-map secure-nntp tcp 563
>
> On 1/16/08, Luan Nguyen wrote:
> > Hi guys,
> > I have a question: How many way(s) can you configure your router to stop
> > ntp query from 12 to 1 every day without affecting anything else? You don’t
> > have to limit yourself to the lab ios and technologies.
> >
> > Thanks.
> >
> > -lmn
>
> --
> Kind Regards,
>
> Bajo
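
Added example, not part of the original thread: one way the "ip local policy route-map" approach mentioned in the reply could be written in IOS configuration. The names NO-NTP, BLOCK-NTP and LOCAL-NTP are made up here, and "12 to 1" is assumed to mean 12:00 through 12:59 by the router's own clock.

```ios
! Assumption: the daily window is 12:00 to 12:59, evaluated against the router clock.
time-range NO-NTP
 periodic daily 12:00 to 12:59
!
! Extended ACL: the permit entry only matches while the time-range is active.
! Outside the window nothing matches, so NTP is routed normally.
ip access-list extended BLOCK-NTP
 permit udp any any eq ntp time-range NO-NTP
!
! Matching packets are sent to Null0, which drops them.
route-map LOCAL-NTP permit 10
 match ip address BLOCK-NTP
 set interface Null0
!
! Local policy routing applies the route-map to packets the router itself
! generates, which an outbound interface ACL does not filter.
ip local policy route-map LOCAL-NTP
```

`show time-range NO-NTP` reports whether the entry is currently active, and `show ip local policy` confirms the route-map is attached.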
























