Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

ICMP error packets are dropped by the security appliance


Hi All,

I am getting the following log error message in ASA , but there is an ACL for icmp alllow for all inside hosts ; how can it be possible, is there any other setting needed apart.

access-list inside extended permit icmp any any

Dec 06 2011 22:48:49: %ASA-4-313005: No matching connection for ICMP error message: icmp src inside:172.29.131.3 dst identity:172.29.131.15 (type

5, code 1) on inside interface.  Original IP payload: tcp src 172.29.131.15/443 dst 172.29.135.31/1580.

Thanks

1 ACCEPTED SOLUTION

Accepted Solutions
Cisco Employee

ICMP error packets are dropped by the security appliance

ICMP type 5 is a redirect message. Is there a different path that exist from 172.29.135.31 to 172.29.131.15 ?

Is 172.29.131.15 the firewall? 172.29.131.3 is a L-3 device on the inside?

-Kureli

2 REPLIES
Cisco Employee

ICMP error packets are dropped by the security appliance

ICMP type 5 is a redirect message. Is there a different path that exist from 172.29.135.31 to 172.29.131.15 ?

Is 172.29.131.15 the firewall? 172.29.131.3 is a L-3 device on the inside?

-Kureli

New Member

ICMP error packets are dropped by the security appliance

Hi Kureli,

Yes , your guess is right& i will contact the lan administrator now .

Thanks

639
Views
0
Helpful
2
Replies
CreatePlease login to create content