Solved

how to create an ACl on cisco router to accept icmp from particular host and deny all others

Posted on 2011-03-21
4
534 Views
Last Modified: 2012-06-21
I want to set an ACL on Gigabit Interface on the router to accept icmp from only one host and deny all request of ICMP from all others.

Thanks and regards

Saqib
0
Comment
Question by:nocinfospan
  • 2
4 Comments
 
LVL 45

Accepted Solution

by:
Craig Beck earned 500 total points
ID: 35182542
You could try something like...


access-list 100 permit icmp host 1.1.1.1 any
access-list 100 deny icmp any any
access-list 100 permit ip any any

int gi0/0
ip access-class 100 in
0
 
LVL 1

Author Comment

by:nocinfospan
ID: 35192212
i have set "ip access-group 100 in" because i do not have any other option under my int gig0/0 .. But after applying all the above lines do not work it still able to ping from other hosts as well.
0
 
LVL 9

Expert Comment

by:DanJ
ID: 35241300
apply these under the vty lines
for instance

line vty 0-4
access-class 100 in

the number of vty lines are platform dependant. To cover all lines type line vty 0 ?
in this case the last vty line is 807
R2(config)#line vty 0 ?
  <1-807>  Last Line number
0
 
LVL 1

Author Closing Comment

by:nocinfospan
ID: 35380694
its not a complete solution i have to do some more things to acheive that functionality
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you have an ASA5510 then this sort of thing would be better handled with a CSC Module, however on an ASA5505 thats not an option, and if you want to throw in a quick solution to stop your staff going to facebook during work time, then this is the…
Getting hacked is no longer a matter or "if you get hacked" — the 2016 cyber threat landscape is now titled "when you get hacked." When it happens — will you be proactive, or reactive?
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

792 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question