About rolandshum

rolandshum · 03-03-2008

I'm about to put this ACL on a border gateway on my interface to my ISP.access-list 120 remark Only applied to g0/0access-list 120 remark Prevents Pings to routeraccess-list 120 remark Allow Ping from Cogent Ops onlyaccess-list 120 permit icmp 66.28....

rolandshum · 02-29-2008

I have the following ACL on my border gateway. access-list 120 remark Only applied to g0/0access-list 120 remark Prevents Pings to routeraccess-list 120 deny icmp any any echo logaccess-list 120 deny icmp any any traceroute logaccess-list 120 per...

rolandshum · 02-27-2008

Does anyone use an ACL like this?access-list 100 deny 10.0.0.0 0.255.255.255 any logaccess-list 100 deny 172.16.0.0 0.15.255.255 any logaccess-list 100 deny 192.168.0.0 0.0.255.255 any logaccess-list 100 deny ip host 255.255.255.255 any logI have th...

rolandshum · 02-26-2008

I want to prevent my border routers from responding to pings and traceroutes from outside addresses yet pass ICMP packets if I'm pinging from my internal addresses. If I apply this ACL to my interface will it do what I need:access-list 120 deny icmp ...

rolandshum · 02-12-2008

I have 2 ASA's they have both been running for over a year. Suddenly 1 stopped passing SMTP traffic. I couldn't telnet via port 25 either. A quick google search and I find a tip that says to take out the fixup SMTP line from the config. Suddenly the ...

rolandshum · 03-03-2008

It's going to be applied inbound. The 198.182.xxx.0 are my network addresses. I want to do this so my router doesn't accept a packet with a source address of my network from the Internet.

rolandshum · 02-26-2008

Thanks for the help.

rolandshum · 02-26-2008

Will that allow for me to ping out from my internal network? I thought if the destination of "any" then the outside interface would stop all icmp requests.

rolandshum · 02-14-2008

I'm on 7.2(2) with the ASA and 6.0.2 for the SSM. It is certainly coming in from the outside. I don't have that address range on the inside of my network. I'm just surprised that the ASA is even passing it on to the SSM before it is dropped.

rolandshum · 02-12-2008

Thanks for the information, I was afraid of that answer.

Member Since	‎06-11-2004 09:43 AM
Date Last Visited	‎08-18-2017 03:51 AM
Posts	191
Total Helpful Votes Received	17

User Statistics

User Activity

Sanity check on ACL please

ACL doesn't seem to be working

IP address spoofing ACL

Prevent Pings from outside addresses

Fixup SMTP stops mail traffic???

Re: Sanity check on ACL please

Re: Prevent Pings from outside addresses

Re: Prevent Pings from outside addresses

Re: ASA5540 with a SSM20 and seeing 192.168.0.X addresses

Re: Redundant AIP SSM-20 Config Replication?