Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
295
Views
0
Helpful
5
Replies

Why did Ping still work?

Go to solution
JoshGarmonCiscoCCNA
Level 1
Level 1

‎10-14-2015 09:44 AM - edited ‎03-05-2019 06:58 AM

I created a Named Access List...Extended...denying icmp echos from any to any

I then permited ip any any

 

Well everything behind, in front of, etc...of that router was still able to be Pinged.

 

How come?

 

 

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame
In response to JoshGarmonCiscoCCNA

‎10-14-2015 11:05 AM

That should have stopped pings to the 150.4.x.x IPs from R2 or anything beyond that.

It wouldn't stop you pinging from the 150.4.x.x IPs to anything beyond R1 though ie. R2 or the other routers. 

Jon

View solution in original post

0 Helpful
5 Replies 5

Go to solution
Joseph W. Doherty
Hall of Fame
Hall of Fame

‎10-14-2015 09:49 AM

Disclaimer

The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.

Liability Disclaimer

In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.

Posting

Most likely, there's an error in your config, although IOS can have bugs.

It would be helpful, for a question like yours, for you to post your config and describe the platform and IOS being used.

0 Helpful

Go to solution
JoshGarmonCiscoCCNA
Level 1
Level 1
In response to Joseph W. Doherty

‎10-14-2015 10:12 AM

Hey Joseph

 

Well it's in Packet Tracer.

 

Router is a 1941

 

show version says Cisco IOS Software, C1900 Software (C1900-UNIVERSALK9-M), Version 15.1(4)M4

 

150.4.0.0 /16 network -----------------Router1--------------192.168.9.0 /30--------------Router2------bunch of other routers

 

Router1#conf t

                  ip access-list extended block_ping

                  deny icmp any any echo

                  permit ip any any

 

Everyone could still ping everything connected to Router1

0 Helpful

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame
In response to JoshGarmonCiscoCCNA

‎10-14-2015 10:15 AM

What interface did you apply the acl to ?

What direction did you apply it in ?

Where are you pinging from and what are you pinging ?

As Joe says the more info you can supply the easier it is for us to answer.

Jon

0 Helpful

Go to solution
JoshGarmonCiscoCCNA
Level 1
Level 1
In response to Jon Marshall

‎10-14-2015 11:03 AM

i applied the list to Router1's Serial interface which is connected to Router2

 

INBOUND

 

I have EIGRP running so everyone knows about everybody and I'm pinging from Everywhere to all PC hosts behind Router1 in the 150.4.0.0 /16 net and Router1's 192.168.9.1 /30 address.

 

 

 

0 Helpful

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame
In response to JoshGarmonCiscoCCNA

‎10-14-2015 11:05 AM

That should have stopped pings to the 150.4.x.x IPs from R2 or anything beyond that.

It wouldn't stop you pinging from the 150.4.x.x IPs to anything beyond R1 though ie. R2 or the other routers. 

Jon

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card