[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now


Stop IP from surfing in Cisco 2620 - ATTN lrmoore

Posted on 2004-09-04
Medium Priority
Last Modified: 2012-05-05

Ever since the othr tech responded to our thread, I was asked to pay to see the rest.

All the lines were added over a year 1/2 ago by Cisco tech, and yes I wanted to stop pings and it's working. We had way to many people pinging our site one year and decided to put a stop to it.

Just enter those to command lines and that will take care of it?

Bob Ross

I'll pay you for both if I can figure out how to get in to the other one.

Question by:bross073097
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
LVL 79

Accepted Solution

lrmoore earned 2000 total points
ID: 11983876
Looks like you took care of the other question already...

Anyway, here's how to change an access-list. It is a 4-step process.
<hint> cut and paste your current acl into notepad </hint>
1. remove the acl from the interface, i.e.
   interace serial 0/0
    no ip access-group 104 in

2. delete the acl:
   no access-list 104

3. re-input the acl in the new order that you want (you did this in your notepad session with the existing acl)
  Copy the new acl in notepad
  From either telnet session or hyperTerm session, right-click and "paste to host"
  Your new access-list has been input

4. re-apply the acl to the interface
  interace serial 0/0
    ip access-group 104 in

I keep a text script handy with my acls that change once in a while. I can edit the order of the acl and add anything I want, even notes

  interace serial 0/0
    no ip access-group 104 in

  no access-list 104
  access-list 104 remark added as response to IAVA # xxxx
  access-list 104 deny tcp any any 445

  access-list 104 remark added to prevent incoming pings
  access-list 104 deny icmp any any echo
 access-list 104 remark added 9/5/04
  access-list 104 permit tcp any any established
  access-list 104 permit udp any eq domain any
  access-list 104 deny ip any any log

  interace serial 0/0
    ip access-group 104 in
LVL 79

Expert Comment

ID: 13688745
Do you need more information?
Have you resolved this problem?
Can you close this question?

Featured Post

How to Use the Help Bell

Need to boost the visibility of your question for solutions? Use the Experts Exchange Help Bell to confirm priority levels and contact subject-matter experts for question attention.  Check out this how-to article for more information.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

It happens many times that access list (ACL) have to be applied to outgoing router interface in order to limit some traffic.This article is about how to test ACL from the router which is not very intuitive for everyone. Below scenario shows simple s…
Hello , This is a short article on how would you go about enabling traceoptions on a Juniper router . Traceoptions are similar to Cisco debug commands but these traceoptions are implemented in Juniper networks router . The following demonstr…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Suggested Courses

649 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question