09-19-2008 10:09 AM - edited 03-11-2019 06:46 AM
While we are on the topic: whenever I add the "fix protocol icmp" command on a version 8.0 ASA 5520, my telnet session to the inside will no longer work. Is there any way around that?
09-19-2008 10:13 AM
What happens if you put in the command:
management-access inside
09-19-2008 01:34 PM
The 'fixup protocol' commands were used in PIX 6.x code. In ASA 7.x and 8.x, this functionality has moved to the MPF.
To enable ICMP inspection in ASA 8.x, your config would look something like this:
class-map inspection_default
 match default-inspection-traffic
!
policy-map global_policy
 class inspection_default
  inspect icmp
!
service-policy global_policy global
Also, for telnet access to the inside interface, you'll want to configure something like this:
telnet
Hope that helps.
-Mike
09-19-2008 05:26 PM
You still CAN enter "fixup protocol ftp 21" on Pix 7.x and 8.x code. It will automatically convert into Modular Policy Framework (MDF) for you.
I didn't try "fixup protocol icmp" in version 8.x because my Pix firewall crashed but I think it will work as well.