From: Edouard Zorrilla (ezorrilla@tsf.com.pe)
Date: Wed Feb 06 2008 - 13:01:23 ARST
Hello,
When I am supposed to make icmp pass thru the Firewall, should I use :
1.- The protocol type 1 and then the sub type - echo and echo reply are 0
and 8 if asked for these ones.
or
2.- The udp ports stated in : http://www.iana.org/assignments/port-numbers ,
Please let me know,
Regards
----- Original Message -----
From: "Victor Cappuccio" <Victor.Cappuccio@globalknowledgespain.es>
To: "itsfortarget iwillgetit" <itsfortarget@gmail.com>; "Cisco
certification" <ccielab@groupstudy.com>
Sent: Tuesday, February 05, 2008 3:44 PM
Subject: RE: ICMP portnumber
> Hi,
>
> http://www.faqs.org/rfcs/rfc792.html
>
> R1(config)#ip access-list extended 101
> R1(config-ext-nacl)#10 permit icmp any any ?
> <0-255> ICMP message type
> administratively-prohibited Administratively prohibited
> alternate-address Alternate address
> conversion-error Datagram conversion
> dod-host-prohibited Host prohibited
> dod-net-prohibited Net prohibited
> dscp Match packets with given dscp value
> echo Echo (ping)
> echo-reply Echo reply
> fragments Check non-initial fragments
> general-parameter-problem Parameter problem
> host-isolated Host isolated
> host-precedence-unreachable Host unreachable for precedence
> host-redirect Host redirect
> host-tos-redirect Host redirect for TOS
> host-tos-unreachable Host unreachable for TOS
> host-unknown Host unknown
> host-unreachable Host unreachable
> information-reply Information replies
> information-request Information requests
> log Log matches against this entry
> log-input Log matches against this entry, including
> input
>
> R1(config-ext-nacl)#10 permit icmp any any 1 ?
> <0-255> ICMP message code
> dscp Match packets with given dscp value
> log Log matches against this entry
> log-input Log matches against this entry, including input interface
> precedence Match packets with given precedence value
> reflect Create reflexive access list entry
> time-range Specify a time-range
> tos Match packets with given TOS value
> <cr>
>
>
> thanks,
> ---
> Victor Cappuccio.-
> CCSI #31452
>
> Global Knowledge Spain
>
> -----Mensaje original-----
> De: nobody@groupstudy.com en nombre de itsfortarget iwillgetit
> Enviado el: mar 05/02/2008 9:45
> Para: Cisco certification
> Asunto: ICMP portnumber
>
> Dear Team,
>
> Could please come across the port number used by ICMP packet.
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
>
>
>
>
>
> ___________________________________________________
> Global Knowledge Network Spain, S.L.U.
> T: +34 91 425 06 60
> CIF: B-81366668
> Direccisn Fiscal: Edificio Indocentro
> Calle de la Retama 7, 6a planta
> 28045 - Madrid. Espaqa
>
> DESCARGO DE RESPONSABILIDAD:
> La informacisn contenida en este e-mail es de caracter privilegiado y
> confidencial, y para el uso exclusivo del receptor del mismo. Cualquier
> otra
> persona que no sea la receptora del mensaje no debe distribuir, usar o
> copiar
> todo o alguna parte de dicho e-mail sin el consentimiento explicito de
> Global
> Knowledge. Si usted ha recibido este e-mail por error debe borrarlo
> completamente asm como cualquier archivo adjunto y notificar
> inmediatamente,
> respondiendo por e-mail, a la persona que lo haya enviado.
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
This archive was generated by hypermail 2.1.4 : Sat Mar 01 2008 - 16:54:47 ARST