Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
353
Views
0
Helpful
3
Replies

Blocking ICMP Packets

admin_2
Level 3
Level 3

‎03-29-2004 08:28 PM - edited ‎03-02-2019 02:38 PM

How can I block ICMP packets on all the switches

Labels:
0 Helpful
3 Replies 3

gdelarosa
Level 1
Level 1

‎03-29-2004 08:46 PM

You can block ICMP by creating an access-list like this:

access-list X deny icmp any any echo

access-list X deny icmp any any echo-reply

X= any number.

-Gabriel

0 Helpful

fil234
Level 1
Level 1

‎03-31-2004 05:27 AM

You must create an access list (extended) on all your switches like this:

hostname>enable

hostname#configure terminal

hostname(config)access-list 100 deny icmp any any echo

hostname(config)access-list 100 deny icmp any any echo reply

hostname(config)interface s0 (for example- you must specify your interface over wich the packets exit or enter)

ip access-group 100 in/out

in if your packets enter on the switch. out if your packets exit from your switch.

you must look the your network diagram and follow the above directions.

Write me at filippo.ceruti1982@libero.it for more info. I will happy to help you

Bye Filippo Ceruti

0 Helpful

fil234
Level 1
Level 1
In response to fil234

‎03-31-2004 05:43 AM

I have forget a command: after you typed access-list 100 deny icmp any any echo reply, you must type this:

hostname(config) access-list 100 permit ip all

and follow the other commands!

0 Helpful
Customers Also Viewed These Support Documents