Cluebird,
That approach wouldn't work in this scenario, because packets that originate from a router are not filtered by an outgoing ACL. The ping responses in this case would originate from the router, so I don't think that would work.
Cheers.
Lundah,
Well, with the car dealership scenario, if you do not block pings from the e0 interface then a host from an outside network can ping that interface and detect the router. Just because that interface doesn't face the outside world, doesn't mean that it can't be pinged from the outside...
Looks right to me. The only one that's a bit of a mystery is the max hop count for EIGRP. Lammle's book says 255, while a practice exam question from Odom's book says 224. Found only a couple of references on Google - one of which was an EIGRP powerpoint slide from the Cisco Networking Academy -...
Hauchinago,
If the intent of the question is to protect the router from unsolicited pings, then ignoring the LAN interface would fall short of a complete answer. So I'm guessing that you would need to. Plus, from what I can gather, the question appears to ask for 3 lines - to remove that line...
The problem with your access list is that you are blocking ALL the different type of ICMP messages that exist; TTL exceeded, port unreachable, source quench, etc, etc, and ping ofcourse. Now, I'm assuming that the question requires that you only block ping. But, there are two types of ping...
This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
By continuing to use this site, you are consenting to our use of cookies.