permit only outbound icmp requests and inbound replies, deny other

Discussion in 'Cisco' started by Mark Matheney, Dec 10, 2003.

  1. I want to permit icmp echo requests outbound and echo replies inbound,
    but NOT permit inbound echo requests or their replies ... is this
    possible with Cisco IOS? If so, would you please give an example?
    Thanks.
     
    Mark Matheney, Dec 10, 2003
    #1
    1. Advertising

  2. Mark Matheney

    KR Guest

    Re: permit only outbound icmp requests and inbound replies, denyother

    Mark Matheney wrote:
    > I want to permit icmp echo requests outbound and echo replies inbound,
    > but NOT permit inbound echo requests or their replies ... is this
    > possible with Cisco IOS? If so, would you please give an example?
    > Thanks.


    Adding the following line to an access-list will block echo requests:

    access-list 123 deny icmp any any echo

    And this will do the same for echo replies:

    access-list 123 deny icmp any any echo-reply

    You need to make two access lists, and then bind them to the relevant
    interfaces (with the access-group command). Remember that access lists
    have an implicit "deny all" at the bottom.
     
    KR, Dec 10, 2003
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Jesper Jenssen

    Basic question: Pix & ICMP echo replies

    Jesper Jenssen, Nov 21, 2003, in forum: Cisco
    Replies:
    3
    Views:
    7,126
    Walter Roberson
    Nov 21, 2003
  2. Martin C.E.

    HELP! I need Sygate to permit inbound UDFs

    Martin C.E., Dec 7, 2003, in forum: Computer Security
    Replies:
    3
    Views:
    764
    Martin C.E.
    Dec 9, 2003
  3. Replies:
    3
    Views:
    6,229
    Walter Roberson
    Jan 5, 2007
  4. janet
    Replies:
    11
    Views:
    1,813
    Beauregard T. Shagnasty
    Dec 17, 2007
  5. ProXXio
    Replies:
    0
    Views:
    1,981
    ProXXio
    Jan 13, 2011
Loading...

Share This Page