ic, then just allow echo-reply packets back
access-list 110 permit icmp any 192.168.1.0 0.0.0.255 echo-reply
this way they cant ping you but you can ping them
HTH
Ronald Warner wrote:
i thought about that but the access-list below will allow other hosts to send icmp packets to that subnet. i just wants hosts in the specified subnet to be able to ping.
From: "Mark M. Barrios" <[EMAIL PROTECTED]>
Reply-To: Philippine Linux Users Group Mailing List <[EMAIL PROTECTED]>
To: Philippine Linux Users Group Mailing List <[EMAIL PROTECTED]>
Subject: Re: [plug] offtopic access-list allow certain icmp
Date: Fri, 12 Sep 2003 10:28:10 +0800
try permiting the reply packets back.
eg.
access-list 110 permit icmp any 192.168.1.0 0.0.0.255
HTH
Ronald Warner wrote:
Good day.
I am trying to find a way to block icmp but allowing only a certain ip subnet icmp access on a cisco router. blocking is simple. but allowing only a certain, i am having problems with. i have tried:
access-list 110 permit icmp 192.168.1.0 0.0.0.255 any access-list 110 deny icmp any any access-list 110 permit ip any any
but this did not work.
Is there a way for this?
Thanks.
-- Philippine Linux Users' Group (PLUG) Mailing List [EMAIL PROTECTED] (#PLUG @ irc.free.net.ph) Official Website: http://plug.linux.org.ph Searchable Archives: http://marc.free.net.ph . To leave, go to http://lists.q-linux.com/mailman/listinfo/plug . Are you a Linux newbie? To join the newbie list, go to http://lists.q-linux.com/mailman/listinfo/ph-linux-newbie
