Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2969
Views
0
Helpful
2
Replies

Allow one computer to ping all other , but not the other way around on packet tracer

Go to solution
Shayn
Level 1
Level 1

‎08-06-2020 12:04 AM

Hello.

I have a project on packet tracer where I need to do these things :

Servers IP = static , computers = DHCP

"direction" and "secretaire" can access to internet (with a nat)

"secretaire" and "direction" can communicate with each other.

"administrateur" can connect through ssh to "switchcoeur" and "routeurversinternnet" , he can also ping everywhere.

Other users can't communicate outside their vlans

Everyone can acces to "copieur" and to the servers.

 

I don't have any problem , except for the part where "administrateur" can ping everyone.

If "administrateur" can ping anyone , it also means everyone can ping him.

If I don't allow others to ping "administrateur" , then when , but they're not allowed to come back.

 

Is there a way that if "administrateur" makes the request , the packets are sent and retrieved , but if someone else tries to ping "administrateur" , the packets gets blocked by the access list ? 

I guess an extended access list will be requiered , but I don't really know how to do that.

Thanks in advance !

Labels:
Preview file
175 KB
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Deepak Kumar
VIP Alumni
VIP Alumni

‎08-06-2020 01:00 AM

HI,

What is your requirement? Do you want to block the only ping from location A to all but reverse wants to block?

 

I think you need to block only "ICMP Request" from all locations to location A and add allow all at the end of the access-list.

 

ip access-list extended ICMP block

deny icmp any 172.18.0.0 0.0.255.255 echo

permit icmp any any

 

If it does not work then share your topology attached.

Regards,
Deepak Kumar,
Don't forget to vote and accept the solution if this comment will help you!

View solution in original post

0 Helpful
2 Replies 2

Go to solution
Deepak Kumar
VIP Alumni
VIP Alumni

‎08-06-2020 01:00 AM

HI,

What is your requirement? Do you want to block the only ping from location A to all but reverse wants to block?

 

I think you need to block only "ICMP Request" from all locations to location A and add allow all at the end of the access-list.

 

ip access-list extended ICMP block

deny icmp any 172.18.0.0 0.0.255.255 echo

permit icmp any any

 

If it does not work then share your topology attached.

Regards,
Deepak Kumar,
Don't forget to vote and accept the solution if this comment will help you!
0 Helpful

Go to solution
Shayn
Level 1
Level 1
In response to Deepak Kumar

‎08-06-2020 05:42 AM

It did work indeed , I just had to change the address according to my own network , and now it's working just as needed.

Many thanks for your help !

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card