<div>
What you see in the logs is not icmp-traffic, it is tcp-traffic to your pptp-port (1723). Unless you use pptp-based vpn you can simply block all incoming pptp-traffic.<br />
<br />
access-list YOURINBOUNDACL deny tcp any SERVERIP eq 1723.<br />
<br />
Best regards<br />
Kvistofta<br />

</div>


What you see in the logs is not icmp-traffic, it is tcp-traffic to your pptp-port (1723). Unless you use pptp-based vpn you can simply block all incoming pptp-traffic.

access-list YOURINBOUNDACL deny tcp any SERVERIP eq 1723.

Best regards
Kvistofta


<div>
access-list 101 deny icmp any any Blocks any ICMP sent messages.
</div>


access-list 101 deny icmp any any Blocks any ICMP sent messages.

<div>
<div class="content wysiwyg-content">
We have some hosts or a host that seems to disconnect all the vpn client on my network.<br />
<br />
I took a look at the server logs and here what is shows<br />
<br />
22116 &nbsp; &nbsp; &nbsp;11:01:17.531532 &nbsp; &nbsp; &nbsp;MY_IP &nbsp; &nbsp; &nbsp;DEST_IP &nbsp; &nbsp; &nbsp;TCP &nbsp; &nbsp; &nbsp;53025 &gt;&nbsp;pptp [SYN]<br />
Seq=0 Win=8192 Len=0 MSS=1460 WS=2 TSV=4447122 TSER=0<br />
<br />
So it seems that some clients seend some icmp destination unreachable on the server. The server somehow close all the connections.<br />
<br />
Is it possible to block those icmp send messages with a cisco 800 series. <br />
<br />
Like deny icmp all all ? Is it going to work ??<br />
<br />
Thanks
</div>
</div>


We have some hosts or a host that seems to disconnect all the vpn client on my network.

I took a look at the server logs and here what is shows

22116      11:01:17.531532      MY_IP      DEST_IP      TCP      53025 > pptp [SYN]
Seq=0 Win=8192 Len=0 MSS=1460 WS=2 TSV=4447122 TSER=0

So it seems that some clients seend some icmp destination unreachable on the server. The server somehow close all the connections.

Is it possible to block those icmp send messages with a cisco 800 series. 

Like deny icmp all all ? Is it going to work ??

Thanks

How to block icmp messages with a cisco router

A router is a networking device that forwards data packets between computer networks. Routers perform the "traffic directing" functions on the Internet. The most familiar type of routers are home and small office cable or DSL routers that simply pass data, such as web pages, email, IM, and videos between computers and the Internet. More sophisticated routers, such as enterprise routers, connect large business or ISP networks up to the powerful core routers that forward data at high speed along the optical fiber lines of the Internet backbone. Though routers are typically dedicated hardware devices, use of software-based routers has grown increasingly common.

Routers

Software firewalls, also known as host-based firewalls, provide a layer of software on one host that controls network traffic in and out of that single machine. Most operating systems now include firewall software, but many available software firewalls include central distribution, antivirus systems and disaster recovery.