Veeam is happy to provide a free NFR license (1 year, 2 sockets) to all certified IT Pros. The license allows for the non-production use of Veeam Availability Suite v9.5 in your home lab, without any feature limitations. It works for both VMware and Hyper-V environments
COURSE of the MONTH
8 days, 7 hours left to enrollBecome a Premium Member and unlock a new, free course in leading technologies each month.
Solved
Access List
Posted on 2008-09-30
I created a Access-list called blockserver,
extended ip access list blockserver
permit ip host 190.150.142.70 host 192.168.62.27
deny ip host 192.168.62.27 host 190.150.142.70
permit ip any any
Also the cisco has two gateways 190.150.142.99 and 192.168.62.1
When I ping from computer (192.168.62.27) to computer (190.150.142.70), the cisco blocks. Which I want. The deny statement matches 4 times.
However, when I ping from computer(190.150.142.70) to computer (192.168.62.27), the cisco also blocks. Which I do not want. The permit statement matches 4 times and the deny matches 4 times.
I want to be able to let computer (190.150.142.70) ping computer (192.168.62.27) and stop computer (192.168.62.27) from pinging computer (190.150.142.70).
extended ip access list blockserver
permit ip host 190.150.142.70 host 192.168.62.27
deny ip host 192.168.62.27 host 190.150.142.70
permit ip any any
Also the cisco has two gateways 190.150.142.99 and 192.168.62.1
When I ping from computer (192.168.62.27) to computer (190.150.142.70), the cisco blocks. Which I want. The deny statement matches 4 times.
However, when I ping from computer(190.150.142.70) to computer (192.168.62.27), the cisco also blocks. Which I do not want. The permit statement matches 4 times and the deny matches 4 times.
I want to be able to let computer (190.150.142.70) ping computer (192.168.62.27) and stop computer (192.168.62.27) from pinging computer (190.150.142.70).
[X]
Welcome to Experts Exchange
Add your voice to the tech community where 5M+ people just like you are talking about what matters.
- Help others & share knowledge
- Earn cash & points
- Learn & ask questions
2 Comments
You would need to allow icmp echo-reply back through. The DENY is catching the echo and blocking it.
try this instead:
permit ip host 190.150.142.70 host 192.168.62.27
permit icmp host 192.168.62.27 host 190.150.142.70 echo-reply
deny ip host 192.168.62.27 host 190.150.142.70
permit ip any any
try this instead:
permit ip host 190.150.142.70 host 192.168.62.27
permit icmp host 192.168.62.27 host 190.150.142.70 echo-reply
deny ip host 192.168.62.27 host 190.150.142.70
permit ip any any
Featured Post
Question has a verified solution.
If you are experiencing a similar issue, please ask a related question
When speed and performance are vital to revenue, companies must have complete confidence in their cloud environment.
Powerful tools can do wonders, but only in the right hands. Nowhere is this more obvious than with the cloud.
Both in life and business – not all partnerships are created equal.
As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’
As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…
Suggested Courses
Course of the Month8 days, 7 hours left to enroll
765 members asked questions and received personalized solutions in the past 7 days.
Join the community of 500,000 technology professionals and ask your questions.