Question about Computers & Internet

1 Answer

How remove blocked icmp automatically

On interface
ip policy route-map test


after adding the above configuration am not able ping any of the public
IPs from same router and my isp are also telling there were not able to ping our IP

But am adding a default route on the router am able ping any IPs from the same router (0.0.0.0 0.0.0.0 isp1 gateway or isp2 or isp3 )

please give the solution for this i can't give default route on the router because my policy ISP1 want use ISP1 one likewise

sathya

Posted by on

  • sathia Feb 18, 2008

    we have three isp connected cisco 1841 router
    we have configured route-map and policy

    isp1 source ip use isp1 gateway
    isp2 source ip use isp2 gateway
    isp3 source ip use isp3 gateway


    configuration as follows
    ip access-list extended isp1
    permit ip X.X.X.X 0.0.0.15 any
    ip access-list extended isp2
    permit ip X.X.X.X 0.0.0.15 any
    ip access-list extended isp3
    permit ip X.X.X.X 0.0.0.15 any

    where x = isp ip subnet according isp ip

    route-map test permit 10
    match ip address isp1
    set ip next-hop x.x.x.x (next hop of isp1 IP)
    route-map test permit 20
    match ip address isp2
    set ip next-hop x.x.x.x (next hop of isp2 IP)

    route-map test permit 30
    match ip address isp3
    set ip next-hop x.x.x.x (next hop of isp3 IP)

    on interface
    ip policy route-map test


    after adding the above configuration am not able ping any of the public
    on interface
    ip policy route-map test


    after adding the above configuration am not able ping any of the public IPs from same router and my isp are also telling they were not able to ping our IP

    But am adding a default route on the router am able ping any IPs from the same router (0.0.0.0 0.0.0.0 isp1 gateway or isp2 or isp3 )

    please give the solution for this i can't give default route on the router because my policy ISP1 want use ISP1 one likewise

    sathya
    !

×

1 Answer

  • Level 2:

    An expert who has achieved level 2 by getting 100 points

    Hot-Shot:

    An expert who has answered 20 questions.

    Corporal:

    An expert that hasĀ over 10 points.

    Mayor:

    An expert whose answer gotĀ voted for 2 times.

  • Expert
  • 56 Answers

Type a "no" before the command of blocking command
e.g:if you want to cancel ip address10.10.10.10
you must type no ip address 10.10.10.10

Posted on Feb 18, 2008

1 Suggested Answer

6ya6ya
  • 2 Answers

SOURCE: I have freestanding Series 8 dishwasher. Lately during the filling cycle water hammer is occurring. How can this be resolved

Hi,
a 6ya expert can help you resolve that issue over the phone in a minute or two.
best thing about this new service is that you are never placed on hold and get to talk to real repairmen in the US.
the service is completely free and covers almost anything you can think of (from cars to computers, handyman, and even drones).
click here to download the app (for users in the US for now) and get all the help you need.
goodluck!

Posted on Jan 02, 2017

Add Your Answer

Uploading: 0%

my-video-file.mp4

Complete. Click "Add" to insert your video. Add

×

Loading...
Loading...

Related Questions:

1 Answer

How to Configure the Traffic Statistics Function on S2700&S3700&S5700?


Assume that the statistics on ping packets from 10.1.1.0/24 need to be collected on the interface Ethernet0/0/1 or GigabitEthernet0/0/1. The configuration is as follows:
# Configuration the acl rule.
[HUAWEI] acl number 3333 [HUAWEI-acl-adv-3333] rule 5 permit icmp source 10.1.1.0 0.0.0.255 [HUAWEI-acl-adv-3333] quit # Configuration the traffic classifier.
[HUAWEI] traffic classifier test [HUAWEI-classifier-test] if-match acl 3333 [HUAWEI-classifier-test] quit
# Configuration the traffic behavior:
[HUAWEI] <strong>traffic behavior test</strong> [HUAWEI-behavior-test] <strong>statistic enable</strong> [HUAWEI-behavior-test] <strong>quit</strong>
# Configuration the traffic policy.
[HUAWEI] traffic policy test [HUAWEI-trafficpolicy-test] classifier test behavior test [HUAWEI-trafficpolicy-test] quit # Apply the traffic policy:
  • # Apply the traffic policy test to the S2700 or S3700. [HUAWEI] <strong>interface ethernet0/0/1</strong> [HUAWEI-Ethernet0/0/1] <strong>traffic-policy test inbound</strong>
  • # Apply the traffic policy test to the S5700. [HUAWEI] <strong>interface gigabitethernet0/0/1</strong> [HUAWEI-GigabitEthernet0/0/1] <strong>traffic-policy test inbound</strong>

After the configuration, run the display traffic policy statistics interface interface-type interface-number command to view the traffic statistics. To re-collect traffic statistics, run the reset traffic policy statistics interface interface-type interface-number command to clear existing traffic statistics first.
NOTE:
  • The S2700 or S3700 can collect statistics only on incoming packets.
  • The S5700 can collect statistics on incoming and outgoing packets, but cannot collect statistics on packets sent from its own CPU.
S5700 Switch Thunder link com

Feb 06, 2017 | The Computers & Internet

1 Answer

I need help with cisco asa 5505 ssl vpn.. ssl


The total sum of the Inside/Outside/ and pool address add up to 5,265. Subtract 10% and multiply by 260 to get the gender aspect of the original formula. Move the Network address to Google and download the residual code offered by the program that appears in the open window. Enter the code in the appropriate space provided and this will solve the problem by late 2015.

Oct 09, 2013 | Cisco ASA 5505 Firewall

2 Answers

I have two Cisco routers one is a 501Pix(located at branch Office), the other is a 515E Pix (located at main office). I've configured a vpn tunnel to the router at the main office. The router at the branch...


Hi,
  1. Please check whether the Tunnel Phase 1 and Phase 2 are Up.If Not Proceed Next, if Yes Proceed to point 4
  2. Please check the peer IP is reachable
  3. Please check the configuration and the encapsulation method used
  4. Check whether in the Match Address whether the IP has been Allowed If Yes Proceed Next
  5. The Branch PIX will be in the Outside interface of the Main PIX, security Level will be enabled so do NAT. If Yes Proceed next
  6. If unable to ping enable the Inspect ICMP in the global policy to enable ping If Yes
  7. If all The above are done. please check the routes between the 2 remote computer.
Please check all the above point, surely your problems will be solved

Feb 26, 2011 | Cisco PIX 501 Firewall

1 Answer

How to routing router static ip address and local


Use the Sonicwall configuration wizard..

Please find below is to configure what ever you want.

Setup Wizard - This wizard will help you quickly configure the SonicWALL to secure your Internet connection. Once completed, you can use the SonicWALL Web Management Interface for additional configuration.

Registration & License Wizard - This wizard will help you register you and your firewall with mysonicwall.com and obtain licenses for additional Security Services features.

PortShield Interface Wizard - Segment and configure the integrated managed LAN switch of the SonicWALL.

Public Server Wizard - Quickly configure your SonicWALL to provide public access to an internal server.

VPN Wizard - Create a new site-to-site VPN Policy or configure the WAN GroupVPN to accept connections from the SonicWALL Global VPN Client
Thanks
..

Apr 22, 2009 | SonicWALL TZ170 (01-ssc-5740) Firewall

2 Answers

I need to be able to ping the SonicWall TZ190 wan ip from the Internet for tracert puposes. There is no ping response to that IP address. The manual says. Click Objects, and then Services. Verify that...


Saibrains is correct unless your firmware is of earlier version. you might have to upgrade your firmware. Also you can not use a port #
No ports required for Ping as it uses icmp packets

It needs to allow icmp 'echo-request' (type 8) packets out and icmp 'echo-reply' (type 0) packets in
to allow ping request. On earlier versions of the sonicwall firmware it only absorbed Ping request as to stop hackers from ping attacking pass the firewall.

check the manufactures website for your model and see if they have newwer firmware.

The GUI should have a place where you can set it up

Apr 09, 2009 | SonicWALL TZ170 (01-ssc-5740) Firewall

1 Answer

My zoom x6 modem doesn't block pings (ICMP). How do I configure?


Blocking ICMP pings on a Zoom requires a few steps:

1) Go to Advanced Setup and select Advanced Firewall Filter.
2) Enable Advanced Firewall Filter.
3) Click on Security Policy Configuration.
4) Click on Policy Rules for "Add Firewall External-Internal Filter Rules."
5) Click on Add Policy Rule.
6) In the row labeled "Protocol," select "neq" and enter ICMP where it says "(Protocol Number or Name)."
7) In the row labeled "Select the direction to filter packets," select BOTH.
8) In the row labeled "Filter Action," select DENY.
9) Click on Save Changes and repeat 1) through 5).
10) In the row labeled "Protocol," select "eq" and "TCP." Below, select BOTH for direction, and ALLOW for filter action.
11) Save changes and repeat 1) through 5).
12) In the row labeled "Protocol," select "eq" and "UDP." Below, select BOTH for direction, and ALLOW for filter action.
13) Save changes.
14) Go back to Basic Setup and save changes to Flash.

That's it. Good luck!

Jan 26, 2009 | Zoom X6 (5590) DSL Modem (55900003)

1 Answer

Automatically ping and trace disabled after PBR


please add me on yahoo messenger or mail me , let me know when ur online , my id is samrat101@yahoo.com and we will be able to resolve it sooner,,, mails takes time.

Samrat

Feb 20, 2008 | Computers & Internet

1 Answer

Route-map policy block the ICMP


honestly, I dont think anyone here will know how to handle this problem. Try to show this problem to a trained professional.

Feb 18, 2008 | Computers & Internet

1 Answer

ICMP blocked automatically


return, cut this configuration, but put route the her isp´s.

You can ping after this?

Can´t ping you has other problem.

Good luck!

Feb 18, 2008 | Computers & Internet

Not finding what you are looking for?
Computers & Internet Logo

Related Topics:

298 people viewed this question

Ask a Question

Usually answered in minutes!

Top Computers & Internet Experts

Les Dickinson
Les Dickinson

Level 3 Expert

18385 Answers

kakima

Level 3 Expert

102366 Answers

David Payne
David Payne

Level 3 Expert

14161 Answers

Are you a Computer and Internet Expert? Answer questions, earn points and help others

Answer questions

Manuals & User Guides

Loading...