From: Roger, Michael (Michael.Roger@xxxxxxxxxxxxx)
Date: Fri Aug 25 2000 - 18:26:03 GMT-3
Access-list will not work if the ping is sourced from the router... do an
extended ping from one of the other interfaces and see if that works. There
is no permit anywhere in the access list so everything will be blocked.
mike
-----Original Message-----
From: Harbir Kohli [mailto:harbirk@sympatico.ca]
Sent: Friday, August 25, 2000 4:15 PM
To: 'Ccielab
Subject: Access list to deny ping
Hello Group
I seem to have problems getting an access-list to work.
R1 - Ethernet - R2 -Serial -R3 -Lo0
I want to prevent ping from being sent to R3.Lo0.
I wrote
Router R1
access-list 101 deny icmp any any echo
access-list 101 deny icmp any any echo-reply
and
int e0
ip access-group 101 out
Yet my pings still seem to get through
What is wrong ?
BTW will the above access-list also deny all IP traffic due to the
implicit deny or not ?
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 08:24:30 GMT-3