This is a ccna Lab showing how to block ping or how to block icmp protocol using ACL configuration on cisco routers.
Learn how to use acl on router to block ping packets. At the same time learn how to allow other packets like telnet ,ssh and other to be allowed on acl.
extended acl lab to block PING
Step 1:Configure IP Address on routers.
Here i assume that you all know how to configure ip address on cisco routers and if you dont know you can read my articles over this.
Step2: Configure Routing on Both Routers.
Static routing configuration on Router R1:
R1(config)#ip route 3.0.0.0 255.0.0.0 2.0.0.2
Static routing configuration on Router R2:
R2(config)#ip route 1.0.0.0 255.0.0.0 2.0.0.1
Step3: Configure Telnet on Router R1:
R1>en R1#config t Enter configuration commands, one per line. End with CNTL/Z. R1(config)#enable password ccna R1(config)#line vty 0 4 R1(config-line)#password cisco R1(config-line)#login R1(config-line)#exit R1(config)#
Step4:Now Configure Extended ACL on router R1 so that it will block ping packets but allow others.
R1(config)#access-list 100 deny icmp 3.0.0.0 0.255.255.255 host 2.0.0.1 echo R1(config)#access-list 100 permit ip any any R1(config)#int se0/0/0 R1(config-if)#ip access-group 100 in R1(config-if)#
Step5:Check PING Packets are blocked or not.
icmp blocked using acl configuration on router
Step6: Now also Make sure no other services or protocols except ICMP has been blocked.
It means you must me able to telnet.
Check ACL Rules Configured on Router:
R1#show ip access-lists Extended IP access list 100 10 deny icmp 3.0.0.0 0.255.255.255 host 2.0.0.1 echo 20 permit ip any any
Learn Linux CCNA CEH IPv6 Cyber-Security Online 