traceroute and ACL

From: cisco monster (cisco.monster@gmail.com)
Date: Wed Mar 14 2007 - 14:37:15 ART

• Next message: Sean.Zimmerman@clubcorp.com: "Failed 2nd Attempt at RTP Yesterday"
• Previous message: Eli Kosharovsky: "RE: Cisco Documentation CD"
• Next in thread: Todd, Douglas M.: "RE: traceroute and ACL"
• Maybe reply: Todd, Douglas M.: "RE: traceroute and ACL"
• Maybe reply: Edison Ortiz: "Re: traceroute and ACL"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hello friends

I want to block traceroute traffic on R5 genrated by R4 destined to Cat-1
but ACL is not working please guide me !!!

Topology

R4 -frame-relay - R5 - fram-relay R3 -eth - Cat-1

R5(config)#do sh ip access
Standard IP access list 1
    10 permit 150.100.1.240
Extended IP access list 120
    10 deny icmp any any traceroute
    20 deny icmp any any port-unreachable
    30 deny icmp any any time-exceeded
    40 permit ip any any (29 matches)

R4(config)#do trace 7.7.7.7

Type escape sequence to abort.
Tracing the route to 7.7.7.7

  1 16.16.45.5 32 msec 28 msec 32 msec
  2 16.16.235.3 104 msec 108 msec 104 msec
  3 16.16.23.7 104 msec * 104 msec

• Next message: Sean.Zimmerman@clubcorp.com: "Failed 2nd Attempt at RTP Yesterday"
• Previous message: Eli Kosharovsky: "RE: Cisco Documentation CD"
• Next in thread: Todd, Douglas M.: "RE: traceroute and ACL"
• Maybe reply: Todd, Douglas M.: "RE: traceroute and ACL"
• Maybe reply: Edison Ortiz: "Re: traceroute and ACL"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Sun Apr 01 2007 - 06:35:51 ART