Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
621
Views
3
Helpful
4
Replies

Largest Ping Size ?

stuart.jones
Level 1
Level 1

‎02-06-2007 02:13 PM - edited ‎03-11-2019 02:29 AM

Hi,

Does the Pix have a setting as to what ICMP/Ping packets size it will permit to pass ? If so how is this configured ?

Thanks

Labels:
0 Helpful
4 Replies 4

daviddtran
Level 1
Level 1

‎02-06-2007 07:32 PM

yes, it does.

ip audit signature 2150 disable

ip audit signature 2151 disable

this will allow the pix to stop fragmenting

large icmp packet (2150) and allow large icmp

packet (2151) to traverse the firewall.

0 Helpful

stuart.jones
Level 1
Level 1
In response to daviddtran

‎02-07-2007 03:32 PM

Hi David,

Thanks for the info, how do you determine what the size it will permit is ? and can yo change it ?

Regards

Stu

0 Helpful

daviddtran
Level 1
Level 1
In response to stuart.jones

‎02-08-2007 05:56 AM

I think any icmp below 1024 bytes will bypass

signature 2150 but it will hit 2151.

Once you disable these two signatures, the icmp

packets can be as large as you like.

AdnanShahid
Level 1
Level 1
In response to daviddtran

‎06-11-2008 08:19 PM

Hi,

Hope fine. Can you please tell me how can I make a limit on the ICMP Payload in my Router and not allow more than 512 Payloaded ICMP. Actually I am having lots of Large_ICMP Alerts in my IPS. Any config details will be appreciated.

Regards

Adnan

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card