Ping on ASA with LMS 3.0

Unanswered Question
May 20th, 2010


Does anyone have an idea about how to disable ICMP queries from the LMS to an ASA firewall? Can we disable ICMP on an ASA and still be able to manage/monitor it in the DFM?

Many thanks,

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Joe Clarke Thu, 05/20/2010 - 19:44

This will not be possible.  DFM requires ICMP to be able to manage devices.  DFM will use ICMP and SNMP to build its events and alerts.

georges.merhej Fri, 05/21/2010 - 02:57

Clear. But the LMS is pinging all the ASA interfaces although it's managed by its inside interface only. Is it a normal case?

Hitesh Vinzoda Fri, 05/21/2010 - 03:33

When you add a device it adds all the interfaces of the devices. what you should do is go to device manager and select the device and under the interfaces make the desired interfaces status to False from drop down menu. This interfaces will not monitored any more.


Hitesh Vinzoda

Please rate helpful posts.

Joe Clarke Fri, 05/21/2010 - 10:55

While you can do this, you may not want to disable the entire interface.  Instead, if you only want to disable the ICMP polling of the interface IP, go to DFM > Device Management > Device Details, and select the IP option from the tree (when you have launched the Detailed Device View for your ASA).  In the right-hand frame you should see a list of IPs on the ASA.  Make sure all of them have a management state of false except the IP by which the ASA is managed.  That will prevent pings from going out to those other interfaces while making sure DFM can report on other interface-related faults.


This Discussion