subject:"\[OSL \| CCIE_Security\] Best option to drop ICMP unreachables"

Re: [OSL | CCIE_Security] Best option to drop ICMP unreachables

2012-06-15 Thread Eugene Pefti

@onlinestudylist.com ccie_security@onlinestudylist.commailto:ccie_security@onlinestudylist.com Subject: [OSL | CCIE_Security] Best option to drop ICMP unreachables Question, What is the best option to drop ICMP unreachable on the switch itself? I saw that one exercise they created an IP local policy and send

Re: [OSL | CCIE_Security] Best option to drop ICMP unreachables

2012-06-15 Thread Mike Rojas

Ohh, but you can put vlan-list all... So that is why I wonder if they do the same thing... Mike From: eug...@koiossystems.com To: mike_c...@hotmail.com; ccie_security@onlinestudylist.com Subject: Re: [OSL | CCIE_Security] Best option to drop ICMP unreachables Date: Fri, 15 Jun 2012 08:09:32

[OSL | CCIE_Security] Best option to drop ICMP unreachables

2012-06-14 Thread Mike Rojas

Question, What is the best option to drop ICMP unreachable on the switch itself? I saw that one exercise they created an IP local policy and send it out to the Null 0 interface. What I did was to configure a vlan filter matching all ICMP unreachable... Both work fine... It said because it