In a lab enviroment I was experimenting with acl's and inspections. I could ping a destination with no problem but when trying to use traceroute to the same destination it would fail. Access list I was using was access-list 101 permit icmp any any echo-reply log
access-list 101 permit tcp any any www established log
Inspect rules were ip inspect name myrules tcp audit-trail on
ip inspect name myrules udp audit-trail on
ip inspect name myrules icmp audit-trail on
ip inspect name myrules http audit-trail on
ip inspect name myrules ftp audit-trail on
Trying figure out why ping would work and not traceroute. I am pinging accross a vpn tunnel to another router. Access list and inspection rules applied to the inbound port between tunnel router and destination router.
I am a CCNP student at local college.