Buy or Renew
Buy or Renew
NEW: Try the Beta AI Summary feature on posts in the Routing and SD-WAN forum. Click to go to the forum.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
110861
Views
30
Helpful
17
Replies

ACL for ICMP

Go to solution
David Lin
Level 3
Level 3

‎10-10-2008 11:56 AM - edited ‎03-06-2019 01:52 AM

I just created one ACL as below for blocking ICMP except host 10.10.1.1. But that host still can't ping this interface or other hosts behind after I applied the ACL to the interface. Don't know why? I know this is a silly question:(

access-list 110 deny icmp any any

access-list 110 permit ip any any

access-list 110 permit icmp host 10.10.1.1 any

access-list 110 permit icmp host 10.10.1.1 any echo-reply

access-list 110 permit icmp host 10.10.1.1 any echo

interface Ethernet1/0

ip address 10.10.1.2 255.255.255.0

ip access-group 110 in

4 people had this problem
Labels:
0 Helpful
17 Replies 17

Go to solution
David Lin
Level 3
Level 3
In response to Jon Marshall

‎10-14-2008 10:17 AM

Got it. Many thanks.

0 Helpful

Go to solution
David Lin
Level 3
Level 3
In response to Richard Burts

‎10-10-2008 12:34 PM

Understood. I always copied the configuration from other example before. So never notice on instance sequence. Need to learn more details. Thanks!

0 Helpful

Go to solution
FAIQ
Community Member

‎03-27-2019 05:02 AM

Hello

i want to implement acl for icmp block from ouside on my router interface but allow only my wan ip which im using for internet

 

0 Helpful
Customers Also Viewed These Support Documents