Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
389
Views
5
Helpful
2
Replies

Why this access-list keeps blocking other hosts ?

news2010a
Level 3
Level 3

‎08-06-2005 03:48 PM - edited ‎03-02-2019 11:38 PM

I have a C2610 running IOS12.3.

I want to deny icmp from my serverA to the e0/0 interface in the C2610.

e0/0 IP=192.168.2.19.

I do:

#config t

#int e0/0

ip access-group 101 in

#config t

access-list 101 deny icmp host 192.168.2.19 host 192.168.2.61

Then I attempt to ping from 192.168.2.19 and icmp traffic is blocked - OK.

The problem is that I go to another serverB, IP=192.168.2.8 and that one also is getting icmp blocked. What am I doing wrong ?

Labels:
0 Helpful
2 Replies 2

michael_davis
Level 4
Level 4

‎08-06-2005 03:53 PM

Don't forget the implicit Deny ip any any at the end of every access-list.

You will need to add a line to allow ip any any if you want other traffic to pass.

Let me know if this helps.

news2010a
Level 3
Level 3
In response to michael_davis

‎08-06-2005 06:11 PM

You are guys are rocking. Thanks Michael. That was it.

0 Helpful
Customers Also Viewed These Support Documents