Re: Access list question

From: GG (ccie820@gmail.com)
Date: Tue Oct 21 2008 - 19:00:28 ARST

• Next message: Jonny English: "Re: ospf virtual link Area authentication"
• Previous message: Niklas Eaström: "Fwd: I Failed the lab.......NOT"
• Maybe in reply to: ccie820@gmail.com: "Access list question"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

*All, I really appreciate all your help!!!!*

On Fri, Oct 17, 2008 at 11:14 PM, Nitro Drops <nitrodrops@hotmail.com>wrote:

> Nope, i tried to telnet from R1, so the source will be R1's s1/1
> 10.10.10.1.
> Understand that local traffic will not hit ACL.
>
> > From: dcp@dcptech.com
> > To: ccie820@gmail.com; ccielab@groupstudy.com
> > Subject: RE: Access list question
> > Date: Fri, 17 Oct 2008 16:26:21 -0400
> >
> > What kind of traceroute, different implementations work in differnet
> ways.
> > Typical unix/cisco traceroute sends a packet to the destination using
> > udp/33434 and then increments them by one for each hop. So you could
> block
> > everything destined to these ports.
> >
> > Access-list 100 deny udp any any range 33434-33464
> > Access-list 100 permit ip any any
> >
> > --
> > http://dcp.dcptech.com
> >
> > > -----Original Message-----
> > > From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf
> Of
> > > ccie820@gmail.com
> > > Sent: Friday, October 17, 2008 3:55 PM
> > > To: ccielab@groupstudy.com
> > > Subject: Access list question
> > >
> > > *All,
> > >
> > > Is there way to block traceroutes and allow pings ?
> > > Your help will be very much appreciated.
> > >
> > > GG
> > > *
> > >
> > >
> > > Blogs and organic groups at http://www.ccie.net
> > >
> > > _______________________________________________________________________
> > > Subscription information may be found at:
> > > http://www.groupstudy.com/list/CCIELab.html
> >
> >
> > Blogs and organic groups at http://www.ccie.net
> >
> > _______________________________________________________________________
> > Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html
> >
> >
> >
> >
> >
> >
> >
>
> _________________________________________________________________
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html

Blogs and organic groups at http://www.ccie.net

• Next message: Jonny English: "Re: ospf virtual link Area authentication"
• Previous message: Niklas Eaström: "Fwd: I Failed the lab.......NOT"
• Maybe in reply to: ccie820@gmail.com: "Access list question"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Sat Nov 01 2008 - 15:35:21 ARST