Question : Problem: deny icmp?

I add this line to my configuration "access-list 101 deny icmp any any", but everybody can do ping to my public ip
what is wrong?

Answer : Problem: deny icmp?

defining the acl is not enough

- you need to apply it, something like

interface Ethernet0
ip access-group 101 in

- you have to make sure that no other line in that acl is "undoing" the effect. For instance :

access-list 101 permit icmp any any
(bunch of other rules)
access-list 101 deny icmp any any

would obviously not work.

If you're a beginner, be _very_ careful when playing with acls. One can easily make big mistakes (speaking by experience)

Random Solutions

Problem: Why slow scheduled scans after upgrade to 10.2

Problem: Cannot get mouse to work in MS-Dos Shell

Problem: Screen goes blank after booting up to XP logo

Problem: How to obtain a "sh ver" for a CISCO 3548-XL-EN

Problem: NIC Teaming

Problem: Cisco 2600 ip nat pool Cisco2611-natpool-1 169.254.53.25 169.254.53.30 netmask 255.255.255.248 error

Problem: Installing PCI graphics card causes windows 2k to not boot.

Problem: Quicktime tool bar does not show in web browser in Vista 64

Problem: igel thin client

Problem: Treble & Bass settings on sound card.