Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
374
Views
0
Helpful
3
Replies

security to stop icmp packet from outside

r.kukreja
Level 1
Level 1

‎09-28-2010 06:15 AM - edited ‎03-11-2019 11:46 AM

what is the command i can use in

asa 5510 and 5520 to stop icmp packet of my public ip to ruin attac

k of DOS after certain amount of time . lets say 5 minutes i want to stop icmp service of my public ip interface3

Thanks

Rajat

Labels:
0 Helpful
3 Replies 3

Jennifer Halim
Cisco Employee
Cisco Employee

‎09-28-2010 06:54 AM

You can specifically only stop suspicious icmp packet from outside, however, you can turn on basic threat detection feature and change the icmp rate. Threat detection will be applied globally (not interface specific).

Here is the command to change the threat detection rate for your reference:

http://www.cisco.com/en/US/docs/security/asa/asa82/command/reference/t.html#wp1526399

Hope that helps.

0 Helpful

r.kukreja
Level 1
Level 1
In response to Jennifer Halim

‎09-28-2010 08:15 AM

I AM using 7.0 version i did not find any command like threat-de

tection kindly help. can it be configure with cbac access

list with time range limit

0 Helpful

Jennifer Halim
Cisco Employee
Cisco Employee
In response to r.kukreja

‎09-28-2010 03:50 PM

Unfortunately you can't configure CBAC on ASA to check the rate of ICMP, and threat-detection is only available from version 8.0.2 onwards and has become more stable on the latest version (8.2.x).

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card