Is it sufficient to apply the following statement,
deny ip any 10.0.0.0 0.0.0.255
if I want to block PINGs to the 10.0.0.0/8 subnet? Or do I have to use
deny icmp any 10.0.0.0 0.255.255.255?
I am under the impression that the keyword "ip" in the ACL statement is all-encompassing. But that the "icmp" keyword comes in handy if, say, you want to deny icmp, but then allow all other IP traffic
deny icmp any any
permit ip any any
My lab is down, cant try it out now.
Can anyone please do so for me?