diff --git a/templates/iosxr/base.j2 b/templates/iosxr/base.j2 index 6d07366..8560946 100644 --- a/templates/iosxr/base.j2 +++ b/templates/iosxr/base.j2 @@ -31,22 +31,24 @@ lldp ipv4 access-list ACL-INTERNET-IN-V4 {% for rule in lookup("system", "firewall") | default([], true) %} {% if rule.protocol is not defined %} - {{ rule.action }} ipv4 {{ rule.src | default("any") }} {{ rule.dst | default("any") }} + {{ loop.index0 * 10 + 100 }} {{ rule.action }} ipv4 {{ rule.src | default("any") }} {{ rule.dst | default("any") }} {% else %} - {{ rule.action }} {{ rule.protocol }} {{ rule.src | default("any") }} {% if rule.sport is defined %} eq {{ rule.sport }}{% endif %} {{ rule.dst | default("any") }} {% if rule.dport is defined %} eq {{ rule.dport }}{% endif %} + {{ loop.index0 * 10 + 100 }} {{ rule.action }} {{ rule.protocol }} {{ rule.src | default("any") }} {% if rule.sport is defined %} eq {{ rule.sport }}{% endif %} {{ rule.dst | default("any") }} {% if rule.dport is defined %} eq {{ rule.dport }}{% endif %} {% endif %} + {% if loop.last %} + {{ loop.index0 * 10 + 110 }} permit ipv4 any any + {% endif %} {% endfor %} - permit ipv4 any any ! ipv4 access-list ACL-SNMP {% if "edge" in groups and lookup("system", "sampling").type is not none %} - permit ipv4 {{ lookup("system", "sampling")["snmp-prefix"] }} any + 100 permit ipv4 {{ lookup("system", "sampling")["snmp-prefix"] }} any {% endif %} ! snmp-server vrf VRF-MANAGEMENT snmp-server community {{ lookup("system", 'snmp')["ro-community"] }} RO IPv4 ACL-SNMP -snmp-server contact Blade Network team +snmp-server contact Blade Network team snmp-server location {{ lookup("system", "datacenter") }}, {{ lookup("system", "country") }} snmp-server ifindex persist ! diff --git a/templates/iosxr/ssh.j2 b/templates/iosxr/ssh.j2 index 5b9ee65..c238b93 100644 --- a/templates/iosxr/ssh.j2 +++ b/templates/iosxr/ssh.j2 
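Review bot: With an empty or undefined `firewall` list the loop body never runs, so the new `{% if loop.last %}` block is skipped and ACL-INTERNET-IN-V4 renders with no entries, where the old template always emitted the trailing permit. If that final entry is still wanted in the empty case, keep it after `{% endfor %}` and derive its number from the list length: `{{ (lookup("system", "firewall") | default([], true) | length) * 10 + 100 }} permit ipv4 any any`. This gives the same numbers as the loop-based version for non-empty lists. How the device treats an access-list with no entries is not visible here and should be confirmed before relying on either outcome.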
@@ -1,9 +1,9 @@
 ipv4 access-list ACL-SSH
 {% if lookup("topology", "addresses").main is defined %}
- permit ipv4 {{ lookup('topology', 'addresses').main | ipaddr('subnet') }} any
+ 100 permit ipv4 {{ lookup('topology', 'addresses').main | ipaddr('subnet') }} any
 {% endif %}
 {% for items, prefix in lookup('topology', 'acl-addresses').admin.items() %}
- permit ipv4 {{ prefix }} any
+ {{ loop.index0 * 10 + 110 }} permit ipv4 {{ prefix }} any
 {% endfor %}
 !
 {% for user, value in lookup("system", "users").items() if user != "blade" %}