packet-tracer shows ping traffic being dropped at NAT phase 7 and Result states "Drop-reason: (acl-drop) Flow is denied by configured rule"
firewall has simple configuration:
access-list Inside_access_in permit tcp object "source" object-group "destination" object-group "service-ports"
access-list Inside_access_in permit icmp object "source" object-group "destination"
icmp permit "source/-inside LAN" Inside
object network "source object-group network"
nat (any,destination) dynamic interface
access-group Inside_access_in in interface Inside
route "destination and mask" "gateway IP"
there are no ACLs being used on the outside interface, no assigned access-group
packet-tracer shows all other port of traffic (in service-port object-group) being permitted through firewall's NAT policy. only icmp is being dropped.
any suggestions would be appreicated.