<div>
perfect donjohnston. &nbsp;thanks a lot.
</div>


<div>
<div class="content wysiwyg-content">
I am a router newbie who has a Cisco 1841 providing a point-to-point T1 connection to my ISP. &nbsp;The router in question is failing a security audit because it has ICMP allowed. &nbsp;It looks to me like ICMP is being denied, but when I try to ping the router I get a response saying &quot;Reply from x.x.x.x: TTL expired in transit.&quot;<br />
<br />
The portion of my ACL that pertains to ICMP looks like this:<br />
<br />
access-list 105 permit icmp any any packet-too-big<br />
access-list 105 permit icmp any any source-quench<br />
access-list 105 permit icmp any any time-exceeded<br />
access-list 105 permit icmp any any echo-reply<br />
access-list 105 deny &nbsp; icmp any any<br />
<br />
Does the 'permit icmp any any echo-reply' override the 'deny icmp any any'? &nbsp;I haven't really delved into what the other icmp permits are doing, either. &nbsp;<br />
<br />
Thanks,<br />
Scott
</div>
</div>


I am a router newbie who has a Cisco 1841 providing a point-to-point T1 connection to my ISP.  The router in question is failing a security audit because it has ICMP allowed.  It looks to me like ICMP is being denied, but when I try to ping the router I get a response saying "Reply from x.x.x.x: TTL expired in transit."

The portion of my ACL that pertains to ICMP looks like this:

access-list 105 permit icmp any any packet-too-big
access-list 105 permit icmp any any source-quench
access-list 105 permit icmp any any time-exceeded
access-list 105 permit icmp any any echo-reply
access-list 105 deny   icmp any any

Does the 'permit icmp any any echo-reply' override the 'deny icmp any any'?  I haven't really delved into what the other icmp permits are doing, either.  

Thanks,
Scott

How exactly do I disable ping on a Cisco 1841?

Networking software modules are interfaced with a framework implemented on the machine's operating system that implements the networking functionality of the operating system. The best known frameworks are the TCP/IP model and the OSI model. Systems typically do not use a single protocol to handle a transmission. Instead they use a set of cooperating protocols, sometimes called a protocol family or protocol suite.[9] Some of the best known protocol suites include: IPX/SPX, X.25, AX.25, AppleTalk and TCP/IP. Other protocols indirectly related to networking include the hypertext transfer protocol (HTTP) and its related technologies, Dynamic Host Configuration Protocol (DHCP), Domain Name Server (DNS) and other Internet protocols.

Networking Protocols

A router is a networking device that forwards data packets between computer networks. Routers perform the "traffic directing" functions on the Internet. The most familiar type of routers are home and small office cable or DSL routers that simply pass data, such as web pages, email, IM, and videos between computers and the Internet. More sophisticated routers, such as enterprise routers, connect large business or ISP networks up to the powerful core routers that forward data at high speed along the optical fiber lines of the Internet backbone. Though routers are typically dedicated hardware devices, use of software-based routers has grown increasingly common.