kevingattis
asked on
Access List
I created a Access-list called blockserver,
extended ip access list blockserver
permit ip host 190.150.142.70 host 192.168.62.27
deny ip host 192.168.62.27 host 190.150.142.70
permit ip any any
Also the cisco has two gateways 190.150.142.99 and 192.168.62.1
When I ping from computer (192.168.62.27) to computer (190.150.142.70), the cisco blocks. Which I want. The deny statement matches 4 times.
However, when I ping from computer(190.150.142.70) to computer (192.168.62.27), the cisco also blocks. Which I do not want. The permit statement matches 4 times and the deny matches 4 times.
I want to be able to let computer (190.150.142.70) ping computer (192.168.62.27) and stop computer (192.168.62.27) from pinging computer (190.150.142.70).
extended ip access list blockserver
permit ip host 190.150.142.70 host 192.168.62.27
deny ip host 192.168.62.27 host 190.150.142.70
permit ip any any
Also the cisco has two gateways 190.150.142.99 and 192.168.62.1
When I ping from computer (192.168.62.27) to computer (190.150.142.70), the cisco blocks. Which I want. The deny statement matches 4 times.
However, when I ping from computer(190.150.142.70) to computer (192.168.62.27), the cisco also blocks. Which I do not want. The permit statement matches 4 times and the deny matches 4 times.
I want to be able to let computer (190.150.142.70) ping computer (192.168.62.27) and stop computer (192.168.62.27) from pinging computer (190.150.142.70).
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
That is right. You need an ACE allowing pings to get through. echo-reply should work but if it doesn't just add another rule that uses echo and that should do it.