Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

access-list question

i have access-list applied on route r interface--

interface Ethernet0/1

description Pt-Pt Connection to ATT CE Router

ip address 10.137.255.254 255.255.255.252

ip access-group 190 out

ip directed-broadcast

half-duplex

i have few servers connected to switch in network.i can ping the servers from switch and also from there gateway which is router.but not from outside

i found access list on router

Extended IP access list 190

which shows

deny icmp any any echo-reply (23151 matches)

deny icmp any any echo (15906 matches)

is this reason why i can not ping server from outside

1 REPLY
Hall of Fame Super Silver

Re: access-list question

mahesh

That certainly does look like the reason. This line in the access list:

deny icmp any any echo-reply (23151 matches)

denies the ping response (echo-reply is the response to ping). And since it is applied outbound to the outside it would deny any ping response to requests generated from outside.

HTH

Rick

96
Views
0
Helpful
1
Replies
CreatePlease to create content