Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

ACL Help

What will be the ACL on the router looks like if I want to deny anyone trying to ping outside from inside/LAN? (Permit ping from Outside to inside/LAN). Please HELP!

2 REPLIES

Re: ACL Help

Why would you want to let pings to be blocked from inside to be outside, and enable pings from outside to inside ?

Silver

Re: ACL Help

Try this:

access-list 101 deny icmp any any echo

and apply to LAN/inside interface of your router:

int e0

ip access-group 101 in

You can also change the first 'any' in access-list for your LAN address range:

access-list 101 deny icmp A.B.C.0 0.0.0.255 any echo

Anyway, as thisisshanky says, you still let your inside LAN hosts to reply pings from outside to inside. If you also want to deny this just add:

access-list 101 deny icmp any any echo-reply

Hope this helps

109
Views
0
Helpful
2
Replies
CreatePlease to create content