Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
354
Views
1
Helpful
7
Replies

Deny ping on an incoming interface

Go to solution
Marcin Maciejewicz
Level 1
Level 1

‎09-12-2024 01:55 AM

Is there any way to silently drop a ping request on an interface? Right now I have an ACL configured with "deny icmp any any echo" but when I ping that interface I get "Packet filtered" message. Is there any way to drop it completely?

Regards
Marcin Maciejewicz

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Richard Burts
Hall of Fame
Hall of Fame
In response to MHM Cisco World

‎09-12-2024 08:28 AM

Try configuring no ip unreachable on the interface and let us know the results.

HTH

Rick

View solution in original post

0 Helpful
7 Replies 7

Go to solution
MHM Cisco World
VIP
VIP

‎09-12-2024 02:39 AM

Packet filter ? Are this meaning the packet drop or not?

Also this router run zone firewall?

MHM

0 Helpful

Go to solution
Richard Burts
Hall of Fame
Hall of Fame
In response to MHM Cisco World

‎09-12-2024 08:28 AM

Try configuring no ip unreachable on the interface and let us know the results.

HTH

Rick
0 Helpful

Go to solution
paul driver
VIP
VIP

‎09-12-2024 02:34 PM

Hello

conf t
logging discriminator PKT-FIL-MSG msg-body drops Packet filtered
logging buffered discriminator PKT-FIL-MSG informational
logging console discriminator PKT-FIL-MSG informational
logging monitor discriminator PKT-FIL-MSG informational


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul
0 Helpful

Go to solution
Richard Burts
Hall of Fame
Hall of Fame
In response to paul driver

‎09-12-2024 03:16 PM

There seems to be a bit of confusion about this issue. I assumed that the issue was a response message that went back to the device that originated the ping. And my response addressed that. Paul assumes that the issue was about messages appearing in the log. And his response addressed that. Perhaps the OP can clarify what issue was intended?

HTH

Rick
0 Helpful

Go to solution
Marcin Maciejewicz
Level 1
Level 1
In response to Richard Burts

‎09-13-2024 12:25 AM

Thanks! That did the job!

0 Helpful

Go to solution
Richard Burts
Hall of Fame
Hall of Fame
In response to Marcin Maciejewicz

‎09-13-2024 09:12 AM

You are welcome.  I am glad that our suggestions have been helpful. Thank you for marking this question as solved. This will help other participants in the community to identify discussions which have helpful information. This community is an excellent place to ask questions and to learn about networking. I hope to see you continue to be active in the community.

HTH

Rick
0 Helpful

Go to solution
paul driver
VIP
VIP

‎09-13-2024 12:52 AM

Hello
Just like to point out, although disabling unreachables is a good fix,it is a "catch all"  deny everything associated with it, and as ICMP  has many sub codes that rely on unreachables, by disabling it as a whole could  potentially have a negative impact on other things running on the network.  


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card