ASA 5510 tracert

Answered Question
Sep 7th, 2005
User Badges:

looking for help on getting tracert to work via ASA5510. I'm allowing time-exceeded packets in and this method has worked on PIX6.x(x) but not on this platform.


Also ASDM launcher is throwing error "VM creation failed" Anyone got it working?

I have not worked with the ASA yet, but on the PIX Version 7, to allow traceroute to work, it needed to add the following lines:


--> policy-map global_policy

--> class inspection_default

--> inspect icmp error

--> write mem


Hope this works for you.

(Not sure about the ASDM issue, I will try to find more information on that)


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer

I have not worked with the ASA yet, but on the PIX Version 7, to allow traceroute to work, it needed to add the following lines:


--> policy-map global_policy

--> class inspection_default

--> inspect icmp error

--> write mem


Hope this works for you.

(Not sure about the ASDM issue, I will try to find more information on that)


Actions

This Discussion