Block ICMP within network with PIX\ASA

CRS1 · Nov 23, 2009

Hey Guys,

Question about blocking ICMP\PING within a small network using a PIX\ASA. The PIX\ASA are used for Internet access.

The ultimate goal is to block PC's within a small network from pinging eachother. The IP scheme is 192.168.10.0/24.

What should the ACL look like?

Any suggestion would be Great!

Thanks!

North323 · Nov 23, 2009

what does the network consist of? workstations? do they all go through the ASA? is there a closet switch involved?

Supergrrover · Nov 23, 2009

the pix won't do that. you will need a managed switch with that capability.

Brent
Systems Engineer / Consultant
CCNP, CCSP

CRS1 · Nov 23, 2009

I had a feeling about that...

The network consist of one PIX in a small office with 5 computers and one server. There are no closets involved. It's a VERY small office.

North323 · Nov 23, 2009

if all the devices are on the ASA and you are able to set up vlans you can do it. but if its going through an 8 port switch or something than NO you cant

Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Block ICMP within network with PIX\ASA

CRS1

MIS

North323

Technical User

Supergrrover

IS-IT--Management

CRS1

MIS

North323

Technical User

Similar threads

Part and Inventory Search

Sponsor