Largest Ping Size ?

Unanswered Question
Feb 6th, 2007

Hi,

Does the Pix have a setting as to what ICMP/Ping packets size it will permit to pass ? If so how is this configured ?

Thanks

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 3 (1 ratings)
Loading.
daviddtran Tue, 02/06/2007 - 19:32

yes, it does.

ip audit signature 2150 disable

ip audit signature 2151 disable

this will allow the pix to stop fragmenting

large icmp packet (2150) and allow large icmp

packet (2151) to traverse the firewall.

stuart.jones Wed, 02/07/2007 - 15:32

Hi David,

Thanks for the info, how do you determine what the size it will permit is ? and can yo change it ?

Regards

Stu

daviddtran Thu, 02/08/2007 - 05:56

I think any icmp below 1024 bytes will bypass

signature 2150 but it will hit 2151.

Once you disable these two signatures, the icmp

packets can be as large as you like.

AdnanShahid Wed, 06/11/2008 - 20:19

Hi,

Hope fine. Can you please tell me how can I make a limit on the ICMP Payload in my Router and not allow more than 512 Payloaded ICMP. Actually I am having lots of Large_ICMP Alerts in my IPS. Any config details will be appreciated.

Regards

Adnan

Actions

This Discussion