Only on Experts-Exchange: Sign-up for a free-trial and we'll send you your permanent license!
Here is what you get: 30 Nodes | Unlimited Sensors | No Time Restrictions | Absolutely FREE!
Act now. This offer ends July 14, 2017.
Course Of The Month
7 days, 12 hours left to enrollBecome a Premium Member and unlock a new, free course in leading technologies each month.
Solved
Access List
Posted on 2008-09-30
I created a Access-list called blockserver,
extended ip access list blockserver
permit ip host 190.150.142.70 host 192.168.62.27
deny ip host 192.168.62.27 host 190.150.142.70
permit ip any any
Also the cisco has two gateways 190.150.142.99 and 192.168.62.1
When I ping from computer (192.168.62.27) to computer (190.150.142.70), the cisco blocks. Which I want. The deny statement matches 4 times.
However, when I ping from computer(190.150.142.70) to computer (192.168.62.27), the cisco also blocks. Which I do not want. The permit statement matches 4 times and the deny matches 4 times.
I want to be able to let computer (190.150.142.70) ping computer (192.168.62.27) and stop computer (192.168.62.27) from pinging computer (190.150.142.70).
extended ip access list blockserver
permit ip host 190.150.142.70 host 192.168.62.27
deny ip host 192.168.62.27 host 190.150.142.70
permit ip any any
Also the cisco has two gateways 190.150.142.99 and 192.168.62.1
When I ping from computer (192.168.62.27) to computer (190.150.142.70), the cisco blocks. Which I want. The deny statement matches 4 times.
However, when I ping from computer(190.150.142.70) to computer (192.168.62.27), the cisco also blocks. Which I do not want. The permit statement matches 4 times and the deny matches 4 times.
I want to be able to let computer (190.150.142.70) ping computer (192.168.62.27) and stop computer (192.168.62.27) from pinging computer (190.150.142.70).
[X]
Welcome to Experts Exchange
Add your voice to the tech community where 5M+ people just like you are talking about what matters.
- Help others & share knowledge
- Earn cash & points
- Learn & ask questions
2 Comments
You would need to allow icmp echo-reply back through. The DENY is catching the echo and blocking it.
try this instead:
permit ip host 190.150.142.70 host 192.168.62.27
permit icmp host 192.168.62.27 host 190.150.142.70 echo-reply
deny ip host 192.168.62.27 host 190.150.142.70
permit ip any any
try this instead:
permit ip host 190.150.142.70 host 192.168.62.27
permit icmp host 192.168.62.27 host 190.150.142.70 echo-reply
deny ip host 192.168.62.27 host 190.150.142.70
permit ip any any
Featured Post
Question has a verified solution.
If you are experiencing a similar issue, please ask a related question
I recently attended Cisco Live! in Las Vegas, a conference that boasted over 28,000 techies in attendance, and a week of hands-on learning hosted by a solid partner with which Concerto goes to market. Every year, Cisco displays cutting-edge technol…
On Feb. 28, Amazon’s Simple Storage Service (S3) went down after an employee issued the wrong command during a debugging exercise. Among those affected were big names like Netflix, Spotify and Expedia.
Both in life and business – not all partnerships are created equal.
As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …
Both in life and business – not all partnerships are created equal. Spend 30 short minutes with us to learn:
• Key questions to ask when considering a partnership to accelerate your business into the cloud
• Pitfalls and mistakes other partners…
Suggested Courses
Course of the Month7 days, 12 hours left to enroll
Earn Certification
Cisco CCNP Security: SIMOS
$197.00$177.30
Earn Certification
Cisco CCNA Security: IINS v3.0
$197.00$177.30
729 members asked questions and received personalized solutions in the past 7 days.
Join the community of 500,000 technology professionals and ask your questions.