Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

PIX drops ICMP with less than 20 bytes of payload

Hi, I'm having the following issue: there's an application that pings a host with 5-byte pings. The PIX (7.2 software) won't forward pings unless they have at least 20 bytes of payload. I can also generate the pings with the DOS command ping x.x.x.x -l 5, which pings with 5 bytes of payload, with the same results. Any ideas?

3 REPLIES
Cisco Employee

Re: PIX drops ICMP with less than 20 bytes of payload

is this ICMP request to the Pix interfaces or passing through/transitting the Pix ?

New Member

Re: PIX drops ICMP with less than 20 bytes of payload

Both. If I ping the interface with a 20-byte ping, it works. With a 19-byte ping or smaller, it doesn't. Same thing for anything beyond the PIX. Other hosts connected to the same switch as the near-end interface of the PIX respond fine to the small pings, so I don't think it's the switch or anything before it that's dropping the pings.

Thanks,

Alex.

Cisco Employee

Re: PIX drops ICMP with less than 20 bytes of payload

Remove any "ip audit interface command from the config

106
Views
0
Helpful
3
Replies