Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Opinions on external ping

I have an external SOHO customer with an 800 series router. (We are a third-party support service.) We have implemented a number of security features on the router.

What's the general opinion on disabling ping replies? Is it a good idea? The ISP has no objections to disabling pings. Should it be ACL'd to allow pings only from our network? If we deny echo-reply, does it also stop traceroute?

Thanks.

2 REPLIES
Silver

Re: Opinions on external ping

I allow ping because it is so easy for users to understand. Blocking echo-reply should not stop traceroute - traceroute uses different icmp types

New Member

Re: Opinions on external ping

It is a good idea to disable PING replies, even traceroutes..

Check this link,

http://www.ccnaprep.com/securityciscorouters.htm

107
Views
0
Helpful
2
Replies