Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Community Member

Blocking ICMP Packets

How can I block ICMP packets on all the switches

3 REPLIES
Community Member

Re: Blocking ICMP Packets

You can block ICMP by creating an access-list like this:

access-list X deny icmp any any echo

access-list X deny icmp any any echo-reply

X= any number.

-Gabriel

Community Member

Re: Blocking ICMP Packets

You must create an access list (extended) on all your switches like this:

hostname>enable

hostname#configure terminal

hostname(config)access-list 100 deny icmp any any echo

hostname(config)access-list 100 deny icmp any any echo reply

hostname(config)interface s0 (for example- you must specify your interface over wich the packets exit or enter)

ip access-group 100 in/out

in if your packets enter on the switch. out if your packets exit from your switch.

you must look the your network diagram and follow the above directions.

Write me at filippo.ceruti1982@libero.it for more info. I will happy to help you

Bye Filippo Ceruti

Community Member

Re: Blocking ICMP Packets

I have forget a command: after you typed access-list 100 deny icmp any any echo reply, you must type this:

hostname(config) access-list 100 permit ip all

and follow the other commands!

116
Views
0
Helpful
3
Replies
CreatePlease to create content