0 Replies Latest reply: Jun 17, 2015 9:18 AM by Dedu Adrian RSS

Hello everybody! I have a problem with implementing ACL in Opnet Modeler. Can someone help?

Dedu Adrian

Ok so here is the story. I have a project where i have to simulate a DoS attack. Here is the network:

 

Capture.JPG.jpg

I have two clients that communicates through the network with the file server. The attacker comes up and starts pinging the server using large packets (65.000 bytes) at a very small interval (0.1secs). Its a simple DoS attack. Now, one way to solve this attack is by applying ACLs to the Cisco 2500 IP router_0. This ACL should filter the entire traffic that comes on the incoming port and drop all ICMP traffic. The ideal situation would be if i can implement an ACL which could allow me to filter just ICMP traffic that is larger than a value defined by me, because i dont want all ICMP traffic to be dropped (for future troubleshoot situations). I tried to implement the ACL but it doesn't work. The router drops every packet that flows through the network, leaving the network dead. Here is how i did it:

 

Capture2.JPG.jpg

In Edit Attributes of the router, go to IP->IP Routing Parameters -> Extended ACL Configuration. In the List Configuration Table i selected Deny under Action tab and ICMP under protocol Tab. and left Any everywhere else. Then i went to the interface that connects to the cloud (IF1) at IP Routing Parameters -> Interface Information (7 rows) -> IF1 ->Packet Filter - > selected the ACL confugured earlier. Once applied, there is no more traffic that runs through the network.

Im not sure if i configured it good or not but it doesnt work. Can anybody please help with a solution? Thank you very very much!!!