ICMP on Public IP with PAT Translation

Unanswered Question
Dec 17th, 2007
User Badges:

hi all,

A customer needs to enable ICMP for a public IP with different internal servers...

I have following configuration on a ASA 5520

static (inside,outside) tcp public_IP https https netmask

static (inside,outside) tcp public_IP 5405 5405 netmask

static (inside,outside) tcp public_IP 3389 3389 netmask

Any ideas to enable ping from outside to the public IP address ??

thanks for informations...


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
jsivulka Tue, 12/25/2007 - 06:37
User Badges:
  • Bronze, 100 points or more

There are some rate limits in ASA which depends upon the type of packets , So if we flood the ASA with icmp packets then due to the rate limits we will surely see drops.

Ping packets translated when performing PAT on the ASA by Using the icmp id.Any PAT traslation will last for 30 seconds and in case of PAT it is not configurable. Instead if you use NAT then the xlate timeout is configurable using


This Discussion