Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
856
Views
0
Helpful
1
Replies

ICMP traffic through ASA 5505

r.landegge
Level 1
Level 1

‎05-29-2008 01:52 PM - edited ‎03-11-2019 05:52 AM

Hi,

I've got a default setup (with DMZ) from the ASA 5505. How can i allow ICMP traffic from inside to outside without messing up the default settings (allow all from high to low security)

Thanks

Remco (newbie :)

Labels:
0 Helpful
1 Reply 1

srue
Level 7
Level 7

‎05-29-2008 02:18 PM

by ICMP, i assume you mean ping responses, from outside to inside?

policy-map global_policy

class inspection_default

inspect icmp

if you actually meant all icmp traffic being allowed out - they are allowed out by default, it's the return that messes with you.

to allow ALL icmp code types back in:

access-list OUTSIDE_IN permit icmp any any

access-group OUTSIDE_IN in interface outside

this explains it more thoroughly

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a0080094e8a.shtml

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card