SNTP and ACL HP J9584A 3800

ddenk · ‎06-08-2019

I have Vlan 2 "Management" 172.16.10.0/26 and Vlan 100 "Admins" 172.16.1.0/24.

Vlan 2 - for management switch.

Vlan 100 - for SNTP and SNMP server.

ACL was configured on the switch, after which there is no connection to the SNTP and SNMP server.

Only the UDP port is not working

Config:
...

timesync sntp
sntp unicast
sntp server priority 1 172.16.1.10
no telnet-server
time timezone 180
no web-management
...

ip directed-broadcast
ip route 0.0.0.0 0.0.0.0 192.168.44.254
ip routing
ip udp-bcast-forward
...

vlan 2
name "Management"
tagged 1-12,24-25
ip address 172.16.10.2 255.255.255.192
ip forward-protocol udp 172.16.1.10 snmp
ip forward-protocol udp 172.16.1.10 ntp
ip forward-protocol udp 172.16.1.255 ntp
exit
...

vlan 100
name "Admins"
tagged 6,24-25
ip access-group "Admins-IN" in
ip address 172.16.1.254 255.255.255.0
exit
...

Access list:

ip access-list extended "Admins-IN"
5 remark "Established_und_ICMP"
7 permit tcp 172.16.1.0 0.0.0.255 0.0.0.0 255.255.255.255 established
10 permit icmp 172.16.1.0 0.0.0.255 0.0.0.0 255.255.255.255 0
20 permit icmp 172.16.1.0 0.0.0.255 172.16.1.254 0.0.0.0 8
30 permit icmp 172.16.1.0 0.0.0.255 172.16.21.0 0.0.0.255 8
35 permit icmp 172.16.1.0 0.0.0.255 172.16.10.0 0.0.0.63 8
50 remark "PERMIT_SNTP"
55 permit udp 172.16.1.10 0.0.0.0 0.0.0.0 255.255.255.255 eq 123
60 remark "PERMIT_SRV-KSB"
65 permit ip 172.16.1.0 0.0.0.255 172.16.30.2 0.0.0.0
80 remark "PERMIT_Vlans"
81 permit udp 172.16.1.0 0.0.0.255 172.16.10.0 0.0.0.255 eq 161
82 permit udp 172.16.1.0 0.0.0.255 172.16.21.0 0.0.0.255 range 161 162
83 permit tcp 172.16.1.0 0.0.0.255 172.16.20.0 0.0.0.255 eq 10050
210 remark "DENY_Vlans"
220 deny ip 172.16.1.0 0.0.0.255 192.168.0.0 0.0.255.255
230 deny ip 172.16.1.0 0.0.0.255 10.0.0.0 0.255.255.255
240 deny ip 172.16.1.0 0.0.0.255 172.16.0.0 0.15.255.255
245 remark "Internet-Ohne_Proxy"
246 permit ip 172.16.1.0 0.0.0.255 0.0.0.0 255.255.255.255
250 remark "DENY_Alles"
270 deny ip 0.0.0.0 255.255.255.255 0.0.0.0 255.255.255.255
exit

Please tell me what I have not configured.

Thanks!

jmpk · ‎06-19-2019

Hi ,

Do you have any logs or screenshot that explain your issue ?

I work for HPE

Categories

Company

Local Language

Forums

Discussions

Forums

Discussions

Discussions

Forums

Discussions

Forums

Discussions

Forums

Forums

Discussions

Forums

Discussions

Forums

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Community

Resources

Other HPE Sites

Discussions

Forums

Blogs

SNTP and ACL HP J9584A 3800

SNTP and ACL HP J9584A 3800

Re: SNTP and ACL HP J9584A 3800