I had a customer request that ICMP be allowed out their Cisco ASA. He needed it quick and so instead of doing a quick ACL to allow that traffic, I decided to go this way. Below works well for allowing ICMP.
ASA# config t
ASA(config)# policy-map global_policy
ASA(config-pmap)# class inspection_default
ASA(config-pmap-c)# inspec icmp
This is the retired Shane Killen personal blog, an IT technical blog about configs and topics related to the Network and Security Engineer working with Cisco, Brocade, Check Point, and Palo Alto and Sonicwall. I hope this blog serves you well. -- May The Lord bless you and keep you. May He shine His face upon you, and bring you peace.
Monday, May 12, 2014
Cisco ASA: Allowing Ping Through The ASA 8.3 And After
Subscribe to: Post Comments (Atom)
nice collection of useful tip and technotes you got here!ReplyDelete