Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Allow tracert/pathping through firewall?

Hi,

I have an ASA 5520, I am using sub-interfaces to a VLAN switch (Cisco 3750). I'm based on the "inside" and I need to use pathping and tracert from my PC to these remote networks that are on the VLANs.

I think the firewall might be blocking this, but am not sure. As soon as my trace gets to the firewall I get the * * * appear as if it's getting blocked.

Any Ideas?

6 REPLIES

Re: Allow tracert/pathping through firewall?

New Member

Re: Allow tracert/pathping through firewall?

Hi,

I just want the DMZ1 servers to tracert to my inside PC, do you know how I can do through the ASDM?

Re: Allow tracert/pathping through firewall?

Did you read the url?

It outlines the procedure quite well I thought.

It also depends on the version of IOS you are using, the document covers it:-

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a0080094e8a.shtml#topic0

HTH>

New Member

Re: Allow tracert/pathping through firewall?

Thing is I can ping fine, it's just the tracert and pathpings

Re: Allow tracert/pathping through firewall?

Have you actually configured:-

policy-map global_policy

class inspection_default

inspect icmp

As the document instructs you to or:-

class-map class-default

match any

policy-map global_policy

class class-default

set connection decrement-ttl

HTH>

New Member

Re: Allow tracert/pathping through firewall?

policy-map global_policy

class inspection_default

inspect icmp

has been added, is that a NAT I have to add?

908
Views
0
Helpful
6
Replies