08-11-2004 10:16 AM - edited 02-20-2020 11:33 PM
I can't get the firewall to stop responding to pings, I have put in the following line of code.
access-list outside_access_in deny icmp any any
The firewall continues to repond to pings. What am I not doing?
08-11-2004 10:46 AM
Hi,
This access-list will stop ICMP that's being routed through the firewall only.
If you want to disable it from the outside interface then you need to enter :
"icmp deny any outside"
Rgds
Paddy
08-11-2004 11:12 AM
Thank you very much for your reply. Is that the line of code that I put in or do I just change the end of my access-list line so that it reads
access-list outside_access_in deny icmp any outside
thanks again
08-11-2004 11:31 AM
Put it in exactly as Paddy showed at the config prompt:
pixfirewall(config)# icmp deny any any
You can also specify an interface. For example, if you want to allow ping from the inside and deny it from the outside (to the "outside" interface), use:
pixfirewall(config)# icmp deny any outside
08-11-2004 11:46 AM
It is important to remember that access-lists only apply to traffic that goes *through* the box. Traffic destined *to* the box is never processed via the ACL's applied to the interfaces.
Scott
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide