localgareth
asked on
ACL on Cisco router to restrict incoming traffic to ping only
Hi Guys
I want to create an ACL to allow anything to leave my network via the ISDN interface of my Cisco router, but restrict incoming data to pings only. I don't want outgoing FTP sessions to be affected... does something magical need to happen for FTP?
I think this is something like...
access-list 151 allow ip any any
... then in my interface....
ip access-group 151 out
Not sure about the incoming ping bit!
Any information would be much appreciated.
Gareth
I want to create an ACL to allow anything to leave my network via the ISDN interface of my Cisco router, but restrict incoming data to pings only. I don't want outgoing FTP sessions to be affected... does something magical need to happen for FTP?
I think this is something like...
access-list 151 allow ip any any
... then in my interface....
ip access-group 151 out
Not sure about the incoming ping bit!
Any information would be much appreciated.
Gareth
ASKER
Cyber-Dude, when I said "any information"... I was hoping for a bit more than that :-D
Gareth
Gareth
Ah; I gave you the exact command;
Go to the following link -=[All info over there]=-
http://www.cisco.com/en/US/products/sw/iosswrel/ps1839/products_command_reference_chapter09186a008010a37a.html#wp1078414
Cyber
Go to the following link -=[All info over there]=-
http://www.cisco.com/en/US/products/sw/iosswrel/ps1839/products_command_reference_chapter09186a008010a37a.html#wp1078414
Cyber
ASKER
Oh rite... thanks.
So does this have precedence over ACLs? If incoming traffic is explicitly denied with an ACL, will "information-reply" over rule this?
Gareth
So does this have precedence over ACLs? If incoming traffic is explicitly denied with an ACL, will "information-reply" over rule this?
Gareth
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Are you still working on this? Can we be of any more assistance?
Can you close out this question?
Can you close out this question?
ASKER
Sorry for taking so long to get back...
Gareth
Gareth
Cyber