02-25-2008 02:48 AM - edited 03-11-2019 05:08 AM
Hi, is it possible to limit/drop the amount of ICMP's on the outside interface of an ASA? If I keep a constant ping on our Outside IP (via our guest network) it does drop the ICMP.
Solved! Go to Solution.
02-25-2008 10:10 AM
you don't have the command "icmp deny any outside"..put this command and then give a try
02-25-2008 06:45 AM
I think we've already answered this
icmp deny any outside
02-25-2008 09:30 AM
I've added that but I can still ping it.
02-25-2008 09:55 AM
which interface are you trying to ping ?
what is the output of sh run icmp ?
02-25-2008 10:07 AM
It's the Outside interface, I ping it from our guest ADSL line.
sh run icmp
icmp unreachable rate-limit 1 burst-size 1
02-25-2008 10:10 AM
you don't have the command "icmp deny any outside"..put this command and then give a try
02-26-2008 02:18 AM
Thanks that worked, is it normal to have this in place?
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: