Eric W wrote: > > All I am still fairly new with ACL's. However I m interested in > blocking ICMP to my network behind router A (Interface e0/1 = my > network). But when a icmp request is issued from the outside > the router > replys with packet filtered from (interface e0/0 = outside > network) ACL > is applied on in coming traffic though e0/0.
You need to find out exactly what the router is really sending. There's no such packet as "packet filtered." However, there is an ICMP message "packet administratively prohibited" that routers and other devices can send. It's ICMP type 3, code 13. You could filter that with an ACL. That would be outbound on the e0/0 outside interface. You could also block all ICMP. Security policy often states that routers and firewalls should silently discard blocked packets. But making them be silent can be difficult. What do others of you do? Priscilla > > > > How do I get the router stop replying to the outside world > (packet > filtered). > > > > Regards, > > > > Eric Washington > > Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=74368&t=74365 -------------------------------------------------- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
