I work in an enterprise environment and basically have to work behind proxy
servers as well, but I find you can still be productive in pinging or
running traceroutes outside of the enterprise. If your organization allows
it through the use of a telnet proxy, you should be able to get to a route
server.
If you have web access, which I'm sure most of us do, then you can access a
number of the looking glass sites out there which allow you to ping and
traceroute among other things to any point(s) within the Internet.
Sometimes we have to find more than one way to skin a cat, support our
customer base or solve a lab problem..dj
There are numerous web sites and route servers you can use
""Tony van Ree"" <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Hi,
>
> This comes up occasionally. I don't understand why access lists are not
put in place to allow you to ping out but not allow "echo reply" from your
site. Also why not allow sessions you have established. ie access-list ##
permit ip any any established or similar.
>
> Often the reasons for doing this is to cut down on WAN charges. The best
way to avoid these is the use of local proxies and force all to use the
proxy via an access list.
>
> Ping and Telnet do not usually cause a problem. Ping attacks are a fear
shutting down services not initiated by youself can overcome these issues.
>
> I have found the use of ping highly desirable if not necessary when
trouble shooting WAN and WEB problems. The problems have included incorrect
default gateway settings to Telco failures. A number of products also use
ping packets to do trace routes so your management could indeed be creating
a lot of hassel for themselves.
>
> I often Telnet to sockets when testing remote sites for example to port 25
to test a mail problem or port 80 to check a WEB server is up. This often
varifies DNS, addressing and server setup issues. This is valid testing
when looking at computer communications.
>
>
> Hope this helps
>
> Teunis,
> Hobart, Tasmania
> Australia
>
> On Wednesday, January 03, 2001 at 02:53:31 PM, A.Strobel wrote:
>
> > Working for an enterperise has its disadvantages. Based on the new
policy, now
> > I (network engineer) am unable to ping the outside world nor telnet to
the
> > outside world.
> >
> > Although my main job is taking care of Cisco gear inside the enterprise,
I
> > hate the fact that someone with a half brain sitting at a proxy server
> > dictates me what I can do and what I can not do.
> >
> > I might have a chance in removing these restrictions if I can justify
that I
> > need to ping or telnet the ouside world.
> > Can you guys think of any justification?
> >
> > TIA,
> > A. Strobel
> >
> >
> >
> >
> >
> >
> > ____________________________________________________________________
> > Get free email and a permanent address at http://www.amexmail.com/?A=1
> >
> > _________________________________
> > FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
> > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> >
> >
>
>
> --
> www.tasmail.com
>
>
> _________________________________
> FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>
_________________________________
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
