ICMP Error

Unanswered Question
Apr 27th, 2010


Recently I have been getting the following error message;

Denied ICMP type=8, code=0 from on interface inside

Any Idea's how to resolve this?



I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Jennifer Halim Tue, 04/27/2010 - 03:16

I assume that you are trying to ping the inside interface of the ASA firewall?

If that is the case,  you need to configure the following:

icmp permit any inside

OR/ if you need to be more specific you can configure the following:

icmp permit inside

tahirs001 Tue, 04/27/2010 - 03:24

Hi Halijenn,

This is happening automatically, ICMP has been disabled. This error is generating quite frequently from various IP's


Jennifer Halim Tue, 04/27/2010 - 03:26

The error is generated because as you advised icmp is disabled, hence you are getting the error on "deny" icmp echo.

tahirs001 Tue, 04/27/2010 - 03:31

This has just started to happen, ICMP has been disabled when we upgraded.

Will an access-list have triggered this off?


Jennifer Halim Tue, 04/27/2010 - 03:34

The error is triggered because you disable icmp, if you enable icmp, you will not see that error.

The error says "deny" the icmp packet, because you have disabled icmp after upgrade as you said.


This Discussion