Hi, i want to block ping bigger than 32 bytes on my network,
how can i do this?
i tried with deny icmp any any packet-too-big and dency icmp any any fragments
but no success.
You can use a class-map / policy-map.
class-map match-all ICMP-BIG
match protocol icmp
match packet length min 1500
Apply the policy-map on the interface.