Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1331
Views
0
Helpful
1
Replies

Prevent Ping Sweep & Broadcast

sherif1
Level 1
Level 1

‎01-13-2022 03:00 AM - edited ‎01-13-2022 04:27 AM

Hello e1,,

 

I have a group of routers (7 in a row) placed in a tandem deployment with their two end routers communicating to a central point & with each router connected to some local subnets of the same major private network"10.0.0.0".

 

I need to achieve three goals:

 

1- I need to prevent someone in the central point from being able to send a broadcast ping sweep to every subnet on network "10.0.0.0" along the line of routers.

 

2- prevent pinging the directed broadcast address: An IP address that has all binary "1s" in the host bit portion of the address. Used to send data to all devices on the network. For example, 10.10.10.255/24.

 

3- prevent pinging the network address: An IP address that has all binary "0s" in the host bit portion of the address. For example, 10.10.10.0/24.

 

Regards

 

 

 

 

 

 

Labels:
0 Helpful
1 Reply 1

Flavio Miranda
VIP
VIP

‎01-13-2022 06:54 AM

Hi

 Think about where the ping comes. Then, which device is the first one to receive the ping and put an ACL deny ping.

You can play with mask on the Access List but I´d go for blocking ICMP and done.

 

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card