날짜: 06-01-2024 09:27 PM
I need to configure my router so that no PCs in the 192.168.0.0/24 range can send pings (ICMP) to any device, and no devices can send pings (ICMP) to the 192.168.0.0/24 range, but I want to do this without using ACLs or firewalls.
Does anyone know how to do this?
해결되었습니다! 솔루션으로 이동.
날짜: 06-01-2024 09:31 PM
I want to do this without using ACLs or firewalls <<- this not usual but it can be done
first do
ip access-list extended ICMP
permit icmp any any
!
route-map ICMP permit 10
match ip address ICMP
set ip next-hop null0
!
interface x
policy route-map ICMP
this make any traffic match icmp send to null0 i.e. drop
MHM
날짜: 06-01-2024 09:31 PM
I want to do this without using ACLs or firewalls <<- this not usual but it can be done
first do
ip access-list extended ICMP
permit icmp any any
!
route-map ICMP permit 10
match ip address ICMP
set ip next-hop null0
!
interface x
policy route-map ICMP
this make any traffic match icmp send to null0 i.e. drop
MHM
날짜: 06-02-2024 09:16 AM
I don't think it works on 2911, maybe there's another way? I'm testing it in packet tracer right now.
날짜: 06-02-2024 05:39 PM
Sure it work in 2911 real device
But for PKT I don't think it support PBR
MHM
날짜: 06-01-2024 09:38 PM
Do not route the 192.168.0.0/24 network.
날짜: 06-02-2024 09:16 AM
Only ICMP needs to be blocked.
새로운 아이디어를 발견하고 저장하세요. 전문가 답변, 단계별 가이드, 최근 주제 등 다양한 내용을 확인해 보세요.
처음이신가요? 아래 팁들을 확인해 보세요. 시스코 커뮤니티 사용하기 새 멤버 가이드