From: Nitro Drops (nitrodrops@hotmail.com)
Date: Sat Oct 18 2008 - 00:14:45 ART
Nope, i tried to telnet from R1, so the source will be R1's s1/1 10.10.10.1.
Understand that local traffic will not hit ACL.
> From: dcp@dcptech.com
> To: ccie820@gmail.com; ccielab@groupstudy.com
> Subject: RE: Access list question
> Date: Fri, 17 Oct 2008 16:26:21 -0400
>
> What kind of traceroute, different implementations work in differnet ways.
> Typical unix/cisco traceroute sends a packet to the destination using
> udp/33434 and then increments them by one for each hop. So you could block
> everything destined to these ports.
>
> Access-list 100 deny udp any any range 33434-33464
> Access-list 100 permit ip any any
>
> --
> http://dcp.dcptech.com
>
> > -----Original Message-----
> > From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
> > ccie820@gmail.com
> > Sent: Friday, October 17, 2008 3:55 PM
> > To: ccielab@groupstudy.com
> > Subject: Access list question
> >
> > *All,
> >
> > Is there way to block traceroutes and allow pings ?
> > Your help will be very much appreciated.
> >
> > GG
> > *
> >
> >
> > Blogs and organic groups at http://www.ccie.net
> >
> > _______________________________________________________________________
> > Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
>
>
>
>
>
>
This archive was generated by hypermail 2.1.4 : Sat Nov 01 2008 - 15:35:21 ARST