RE: Took network down with wrong access-list

From: Brian Dennis (brian@5g.net)
Date: Thu Nov 14 2002 - 20:16:12 GMT-3

• Next message: Ahmed Al-Ghawas: "Re: Anyone know about the Medal policy etc... after passing"
• Previous message: Jay Hennigan: "Re: Took network down with wrong access-list"
• Maybe in reply to: Jeongwoo Park: "Took network down with wrong access-list"
• Next in thread: Joe Martin: "RE: Took network down with wrong access-list"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

You didn't allow anything with your access-list. You are denying
everything.

Brian Dennis, CCIE #2210 (R&S/ISP Dial/Security)

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Jeongwoo Park
Sent: Thursday, November 14, 2002 2:03 PM
To: 'ccielab@groupstudy.com'
Subject: Took network down with wrong access-list

Hi all.
I like to share what I did this morning to take an internet connection
down
for one of customers' companies.
 
Internet_router#
 
Interface s0
Ip access-group 100 in
.
.
.
access-list 100 deny icmp any host 172.16.1.10 echo
 
 
I was tring to set up access-list in a way that no one can ping one of
their
servers in their network.
This config took their internet connection down.
I immediately removed it, and it came back normal.
 
What did I wrong?
 
Thanks,
 
JP

• Next message: Ahmed Al-Ghawas: "Re: Anyone know about the Medal policy etc... after passing"
• Previous message: Jay Hennigan: "Re: Took network down with wrong access-list"
• Maybe in reply to: Jeongwoo Park: "Took network down with wrong access-list"
• Next in thread: Joe Martin: "RE: Took network down with wrong access-list"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Tue Dec 03 2002 - 07:23:00 GMT-3