ICMP Error

Unanswered Question
Apr 27th, 2010

Hello,

Recently I have been getting the following error message;

Denied ICMP type=8, code=0 from 10.3.70.113 on interface inside

Any Idea's how to resolve this?

Thanks

Tahir

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Jennifer Halim Tue, 04/27/2010 - 03:16

I assume that you are trying to ping the inside interface of the ASA firewall?

If that is the case,  you need to configure the following:

icmp permit any inside

OR/ if you need to be more specific you can configure the following:

icmp permit 10.3.70.113 255.255.255.255 inside

tahirs001 Tue, 04/27/2010 - 03:24

Hi Halijenn,

This is happening automatically, ICMP has been disabled. This error is generating quite frequently from various IP's

Tahir

Jennifer Halim Tue, 04/27/2010 - 03:26

The error is generated because as you advised icmp is disabled, hence you are getting the error on "deny" icmp echo.

tahirs001 Tue, 04/27/2010 - 03:31

This has just started to happen, ICMP has been disabled when we upgraded.

Will an access-list have triggered this off?

Tahir

Jennifer Halim Tue, 04/27/2010 - 03:34

The error is triggered because you disable icmp, if you enable icmp, you will not see that error.

The error says "deny" the icmp packet, because you have disabled icmp after upgrade as you said.

Actions

This Discussion