I know it's not what you said. What you said was obvious. I guess it comes about because I said to test with end devices. Router A is acting like an end device in your example. I should have been more clear. What is not obvious is that ACLs on Router B do not apply to pings to and from Router B. Every newbie has probably been bitten by that one, especially in simple labs. Priscilla At 09:42 PM 8/26/01, Brad Ellis wrote: >Priscilla, that's not what I said. Here's what I said: > >"...pings sent by one router will not be filtered by another router? " > >Hence my diagram for further explanation: > >Router A -=- Router B -=- Device A >(-=- can be ethernet x-over, serial back-to-back, etc) > >An ACL is applied on Router B's interface (applied inbound) that is >connected to Router A. What I originally said, and continue to say, is that >Router B will most certainly block packets (pings or whatever) coming from >Router A...and it is irrelevant if Router A is a router or a host device. >The ACL on Router B doesnt care if the device sending packets is a router or >an end host device! > >If Router B was initiating the ping and Router B had the ACL applied, that >would be a different story. > >ttyl, >-Brad Ellis >CCIE#5796 >[EMAIL PROTECTED] >used Cisco: www.optsys.net > >""Priscilla Oppenheimer"" wrote in message >[EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > At 08:06 PM 8/26/01, Brad Ellis wrote: > > >Priscilla, > > > > > >Are you saying that pings sent by one router will not be filtered by >another > > >router? I beg to differ. > > > > Of course not. Pings sent by the router where the ACL is configured are >not > > affected by the ACL. Try it. > > > > Priscilla > > > > > > >-Brad > > > > > >""Priscilla Oppenheimer"" wrote in message > > >[EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > > > At 06:26 PM 8/26/01, Brad Ellis wrote: > > > > >Sami, > > > > > > > > > >You'll need to give more info than that. The router does not care if > > the > > > > >packets are originated from a host or another router. It will filter > > > > >packets based on packet information, ie, source address, destination > > > > >address, port #... > > > > > > > > This filtering happens as part of the packet-forwarding process. >Packets > > > > sent by the router (such as pings) may not go through this process. >Sorry > > > > that I don't have the details, but I have run into surprising results >in > > a > > > > lab environment when testing access lists from a router. You need to >test > > > > them from end hosts. > > > > > > > > I can't believe I'm challenging a CCIE, ;-) but I was afraid nobody >else > > > > would, and I think the question bears more research. > > > > > > > > Priscilla > > > > > > > > >Are you saying the router wont filter packets originated from the >router > > > > >itself? How are your access-lists applied? Inbound or Outbound? >What > > >are > > > > >you trying to filter? Explain your situation a little better, and > > >include > > > > >your access-list if you so desire. > > > > > > > > > >-Brad Ellis > > > > >CCIE#5796 > > > > >[EMAIL PROTECTED] > > > > >used Cisco: www.optsys.net > > > > > > > > > >""sami natour"" wrote in message > > > > >[EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > > > > > Hi All , > > > > > > When I made standard access list I discoverd that it > > > > > > prevented packets originated form PC's and host but > > > > > > not packets originated from other routers.Any idea why > > > > > > this will happen. > > > > > > > > > > > > Best Regards , > > > > > > sami , > > > > > > > > > > > > > > > > > > __________________________________________________ > > > > > > Do You Yahoo!? > > > > > > Make international calls for as low as $.04/minute with Yahoo! > > >Messenger > > > > > > http://phonecard.yahoo.com/ > > > > ________________________ > > > > > > > > Priscilla Oppenheimer > > > > http://www.priscilla.com > > ________________________ > > > > Priscilla Oppenheimer > > http://www.priscilla.com ________________________ Priscilla Oppenheimer http://www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17353&t=17353 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
