09-18-2003 08:58 PM - edited 03-02-2019 10:27 AM
What will be the ACL on the router looks like if I want to deny anyone trying to ping outside from inside/LAN? (Permit ping from Outside to inside/LAN). Please HELP!
09-18-2003 09:53 PM
Why would you want to let pings to be blocked from inside to be outside, and enable pings from outside to inside ?
09-18-2003 10:49 PM
Try this:
access-list 101 deny icmp any any echo
and apply to LAN/inside interface of your router:
int e0
ip access-group 101 in
You can also change the first 'any' in access-list for your LAN address range:
access-list 101 deny icmp A.B.C.0 0.0.0.255 any echo
Anyway, as thisisshanky says, you still let your inside LAN hosts to reply pings from outside to inside. If you also want to deny this just add:
access-list 101 deny icmp any any echo-reply
Hope this helps
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide