Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3767
Views
0
Helpful
2
Replies

how to enable icmp (traceroute) through firewall

carl_townshend
Spotlight
Spotlight

‎06-22-2008 11:34 AM - edited ‎03-05-2019 11:45 PM

Hi all, on my asa, how do i let icmp pass through it, does it allow it via default ? from inside to outside ?

Labels:
0 Helpful
2 Replies 2

Jason Fraioli
Level 3
Level 3

‎06-22-2008 05:00 PM

try the following ACL for icmp

access-list [named_acl] permit icmp [inside] [outside]

Edit: I don't think firewalls permit any traffic by default.

0 Helpful

vsaavedra
Level 1
Level 1

‎06-23-2008 08:24 PM

You will need to allow the icmp type specific to traceroute from outside.

access-list out_in extended permit icmp any any tracertroute

access-list out_in extended permit icmp any any unreachable

also you'll probably need these commands

icmp permit any traceroute outside

icmp permit any unreachable outside

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card