Hi List!
I would like to know how can I block ICMP echos (Ping & Trace) for an
specific interface, allowing everything else. I tried the ACL below but it
didn't work. What am I doing wrong??
Router-R2#sh run
access-list 101 deny tcp any any eq echo
access-list 101 deny udp any any eq echo
access-list 101 permit ip any any
interface Ethernet0
ip address 192.168.0.101 255.255.255.0
ip access-group 101 in
ip access-group 101 out
Router-R2#r1
Trying R1 (192.168.0.100)... Open
Router-R1#ping r2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echoes to 192.168.0.101, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/4/4 ms
Router-R1#
Thanks in advance!!
Magoo
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=17761&t=17761
--------------------------------------------------
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]