From: Brian Dennis (bdennis@internetworkexpert.com)
Date: Sat Aug 26 2006 - 15:48:34 ART
If the task is not giving you the source or destination of the ping
traffic or using the words like inbound or outbound then "ping" should
cover both echo and echo-reply.
Another example would be telnet. If a task states to deny all telnet
traffic through the router on a particular interface without giving you
the location of the server and/or clients then you should filter like
below:
access-list 100 deny tcp any any eq 23
access-list 100 deny tcp any eq 23 any
access-list 100 permit ip any any
HTH!
Brian Dennis, CCIE #2210 (R&S/ISP-Dial/Security)
bdennis@internetworkexpert.com
Internetwork Expert, Inc.
http://www.InternetworkExpert.com
Toll Free: 877-224-8987
Direct: 775-745-6404 (Outside the US and Canada)
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Dusty
Sent: Saturday, August 26, 2006 9:29 AM
To: ccielab@groupstudy.com
Subject: ping traffic
Hi group,
Sorry for silly question. In general speaking when we say restrict ping
traffic into the router, does it mean only restrict echo or both echo
and
echo-reply?
Thanks.
Dusty
This archive was generated by hypermail 2.1.4 : Fri Sep 01 2006 - 15:41:58 ART