From: NITIN NITIN (ccie_study_123@yahoo.com)
Date: Tue Jul 31 2007 - 15:20:37 ART
Hi Experts,
I have these ACL applied on int and cant ping my own ip why ?????
although inbound icmp echo is denied ....... icmp echo-reply is permit
Rack1R4#sh access-lists R3-in
Extended IP access list R3-in
10 deny icmp any any echo (48 matches)
20 permit ip any any (1946 matches)
Rack1R4#sh access-lists R3-out
Extended IP access list R3-out
10 deny icmp any any time-exceeded log
20 deny icmp any any port-unreachable log
30 permit ip any any
Rack1R4#ping 204.12.1.254
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 204.12.1.254, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 60/77/100 ms
Rack1R4#ping 204.12.1.4
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 204.12.1.4, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
Rack1R4#sh access-lists R3-in
Extended IP access list R3-in
10 deny icmp any any echo (53 matches)
20 permit ip any any (1981 matches)
Regards
---------------------------------
Shape Yahoo! in your own image. Join our Network Research Panel today!
This archive was generated by hypermail 2.1.4 : Sat Aug 18 2007 - 08:17:42 ART