Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Traceroute through an IPSec tunnel

I recently configured a VPN to our remote offices (PIX 515 and PIX 501's). However, I frequently need to traceroute the remote locations to sort out problems. Previously I had access lists that allowed time-exceeded ICMP packets in. The PIX documentation says "... if you specify an ICMP message type for use with IPSec, PIX firewall ignores it." How can I configure the firewall to allow traceroute responds back to me? I only need to trace the outside interface of the remote office firewall.

Thanks,

-- Rubio

1 REPLY
Bronze

Re: Traceroute through an IPSec tunnel

I think the documentation is saying that you cannot configure this, the PIX ignored it through a tunnel.

931
Views
0
Helpful
1
Replies
CreatePlease login to create content