×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

host unreacheble message

Unanswered Question
Feb 6th, 2012
User Badges:

Hi


I have a router 1 and hosts A and B


Router1#

interface vlan 1

ip address 192.168.1.1 255.255.255.0

ip access-group aaa in

ip access-group bbb out


access-list aaa

10 permit tcp host 192.168.1.2 host 192.168.2.2 eq 3389


access-list bbb

10 permit tcp host 192.168.2.2 eq 3389 host 192.168.1.2



when I ping host 192.168.1.2 from 192.168.2.2  I get message ICMP time out.

but I want to see message host unreacheble

How can I do it?


thkx

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
cadet alain Mon, 02/06/2012 - 05:47
User Badges:
  • Purple, 4500 points or more

Hi,


if you want to receive administratively prohibited unreachable messages then you have to enable the sending of such message on the L3 interface if it was disabled by issuing the ip unreachable interface command.

You can verify the setting with sh ip interface command.


Regards.


Alain

Latchum Naidu Mon, 02/06/2012 - 05:52
User Badges:
  • Blue, 1500 points or more

Hi,


You cant ping the host because you have permited only 3389 port only.
Why you are getting ICMP time out OR Request Timed Out is....


When you are trying to ping the host, in the other case the packet reaches the destination IP and while on the return trip to the source it gets dropped due to you denied it in the access-list


When the packet does not reach the destination IP due to the unavailability of the IP in the routers routing table or the IP is down on the network or the server is down or other reasons you will get a ” Destination host Unreachable” message


Hope the above clear and understand you.
Please rate all the helpfull posts.
Regards,
Naidu.

Actions

This Discussion