can I avoid it somehow?

Exactly.

"ip unreachables" is the default behavior, therefore when router block traffic, it itself will reply with Administratively Prohibited message (ICMP AP). The machine where you ping it from might not intercept it correctly, an just display the dot, but it's there (unless something in the way block it).

To disable locally originated ICMP AP messages: use "no ip unreachables" on interface.

To disable remotely originated ICMP AP messages: use "deny icmp any any administratively-prohibited" then "permit ip any any" and apply on the output.

This isn't something I've ever seen. How are you configuring your ace in your acl, and how is the interface configured?

I know that if you have no ip unreachables, it won't tell you when traffic is dropped; you'll just get time-outs.

Let's say that you are on subnet 10.1.1.0, and you want to ping 10.3.2.0. Your gateway is 10.1.1.1, but your have an acl that denies you to get to 10.3.2.0. If you have ip unreachables enabled, it will tell you that the destination is unreachable with "Destination unreachable." If you enable "no ip unreachables", you'll get time outs. It doesn't respond to you with an administratively prohibited message.

HTH,

John