Solved

i want to allow ping out the network but i dont want outside int to respond to ping

Posted on 2006-11-07
4
154 Views
Last Modified: 2010-04-09
can i accomplish this with fixup? I don't want my outside IP responding to pings, however, from inside, i want to be able to ping\trace to the outside.
0
Comment
Question by:jaysonfranklin
  • 2
  • 2
4 Comments
 
LVL 79

Accepted Solution

by:
lrmoore earned 50 total points
Comment Utility
Not with fixup.
The command you want is "icmp", with an acl to allow icmp messages originating from an internal request

 icmp deny any any outside <== prevents the outside interface from responding to ping
\\-- you must integrate the following with any existing inbound access-list

 access-list outside_in permit icmp any any echo-reply
 access-list outside_in permit icmp any any unreachable
 access-list outside_in permit icmp any any time-exceeded



 




0
 
LVL 1

Author Comment

by:jaysonfranklin
Comment Utility
So i don't specify 'icmp deny any any outside echo-reply', unreachable, etc.? just plain old 'deny any any ouside' seems to be working but all i've done is ping it. I just don't want it showing up in any kind of scan. acl seems fine. thanks dood!
0
 
LVL 79

Expert Comment

by:lrmoore
Comment Utility
icmp deny any any command is your key to cloaking yourself from the world..
0
 
LVL 1

Author Comment

by:jaysonfranklin
Comment Utility
Sweet. Thanks for sharing.
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

Suggested Solutions

If you are like regular user of computer nowadays, a good bet that your home computer is on right now, all exposed to world of Internet to be exploited by somebody you do not know and you never will. Internet security issues has been getting worse d…
To setup a SonicWALL for policy based routing to be used with the Websense Content Gateway there are several steps that need to be completed. Below is a rough guide for accomplishing this. One thing of note is this guide is intended to assist in the…
This video discusses moving either the default database or any database to a new volume.
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

8 Experts available now in Live!

Get 1:1 Help Now