Solved

Stop IP from surfing in Cisco 2620 - ATTN lrmoore

Posted on 2004-09-04
2
181 Views
Last Modified: 2012-05-05
lrmoore,

Ever since the othr tech responded to our thread, I was asked to pay to see the rest.

All the lines were added over a year 1/2 ago by Cisco tech, and yes I wanted to stop pings and it's working. We had way to many people pinging our site one year and decided to put a stop to it.

Just enter those to command lines and that will take care of it?

Thanks
Bob Ross

I'll pay you for both if I can figure out how to get in to the other one.

0
Comment
Question by:bross073097
  • 2
2 Comments
 
LVL 79

Accepted Solution

by:
lrmoore earned 500 total points
Comment Utility
Looks like you took care of the other question already...

Anyway, here's how to change an access-list. It is a 4-step process.
<hint> cut and paste your current acl into notepad </hint>
1. remove the acl from the interface, i.e.
   interace serial 0/0
    no ip access-group 104 in

2. delete the acl:
   no access-list 104

3. re-input the acl in the new order that you want (you did this in your notepad session with the existing acl)
  Copy the new acl in notepad
  From either telnet session or hyperTerm session, right-click and "paste to host"
  Your new access-list has been input

4. re-apply the acl to the interface
  interace serial 0/0
    ip access-group 104 in

I keep a text script handy with my acls that change once in a while. I can edit the order of the acl and add anything I want, even notes

  interace serial 0/0
    no ip access-group 104 in

  no access-list 104
  access-list 104 remark added as response to IAVA # xxxx
  access-list 104 deny tcp any any 445

  access-list 104 remark added to prevent incoming pings
  access-list 104 deny icmp any any echo
 
 access-list 104 remark added 9/5/04
  access-list 104 permit tcp any any established
 
  access-list 104 permit udp any eq domain any
  access-list 104 deny ip any any log

  interace serial 0/0
    ip access-group 104 in
0
 
LVL 79

Expert Comment

by:lrmoore
Comment Utility
Do you need more information?
Have you resolved this problem?
Can you close this question?
Thanks!
0

Featured Post

Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

Join & Write a Comment

We've been using the Cisco/Linksys RV042 for years as: - an internet Gateway - a site-to-site VPN device - a leased line site-to-site subnet-to-subnet interface (And, here I'm assuming that any RV0xx behaves the same way as an RV042.  So that's …
Creating an OSPF network that automatically (dynamically) reroutes network traffic over other connections to prevent network downtime.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now