The Net-Brainer

The Net-Brainer (http://forums.netbraintech.com/index.php)
-   One-Skill-at-a-Time (http://forums.netbraintech.com/forumdisplay.php?f=18)
-   -   Where to place the ACL if I want to kill all WAN interface traffic? (http://forums.netbraintech.com/showthread.php?t=101)

Chris 06-17-2009 01:57 AM

Where to place the ACL if I want to kill all WAN interface traffic?
 
Hi all:

I need to create an access list to block icmp and I know how to write that statement, but I don't know where to place it so not to kill all traffic on my WAN interface. Any suggestions would be greatly appreciated!
Here is what I configured.
http://www.netbraintech.com/share/AC..._Placement.gif
Do I miss anything such as a permit all statement, so I don't drop all other traffic??

David.C 06-17-2009 02:05 AM

ACL List Placement
 
Yes, you have to add a "permit ip any any" statement to the end of your ACL 111. Please note that a "deny any" statement is automatically appended to all access lists.

Chris 06-17-2009 05:08 AM

Thanks
 
Got it, thx.


All times are GMT -4. The time now is 01:32 AM.

Powered by vBulletin® Version 3.8.2
Copyright ©2000 - 2019, Jelsoft Enterprises Ltd.
Copyright 2009 NetBrain, Inc. All rights reserved.