task 8.2 access-list to catch icmp unreachable

Hi All,
I think that R4 will send out icmp unreachable message to the source for destination 112.0.0.0/8. Hence the access list to catch these message should be applied on the interface for outbound direction. In the solution, the access list is applied inbound.
Would any one please explain why is that ?
Thanks,

Comments

  • I think the goal here is to monitor the return-traffic which was triggered by the attack. The attack was launched from the address space 112.0.0.0. Therefore the ICMP-unreachables, which are sent back from our networks towards to the 112-range, are redirected to R4 where they are monitored on each interface incoming.

    regards,
    airflow
Sign In or Register to comment.