CCNA ICND2 Lab 9 – Use Extended ACL to Block ping Command


Lab Topology:

Lab Requirements:

1. The router names are P4S1 and P4S2.

2. The S1/1 interface of P4S1 is connected to that of P4S2. The S1/1 interface of P4S2 is the DCE end.

3. Use the ping command on P4S1 to test the connectivity to P4S2 and access P4S2 from Telnet.

Lab Process:

1. Configure enable password and VTY password on P4S2. Both passwords are ciscobible.

2. Perform basic configurations on both routers.

2.1 Configure P4S1:

P4S1(config)#int s1/1

P4S1(config-if)#ip add

P4S1(config-if)#clock rate 64000

P4S1(config-if)#no shut

2.2 Configure P4S2:

Router(config)#host P4S2

P4S2(config)#enable password ciscobible

P4S2(config)#line vty 0 4


P4S2(config-line)#password ciscobible


P4S2(config)#access-list 100 deny icmp any any

P4S2(config)#access-list 100 permit ip any any

P4S2(config)#int s1/1

P4S2(config-if)#ip add

P4S2(config-if)#no shut

P4S2(config-if)#ip access-group 100 in



Run the ping command on P4S1 to test the connectivity to P4S2. Data packets can reach P4S2.

Run the telnet command on P4S1 to access P4S2 successfully.

[Report Dead Link] Please leave a comment or send email to report dead links, so that we will update new links within 24 hours.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.