I had a customer request that ICMP be allowed out their Cisco ASA. He needed it quick and so instead of doing a quick ACL to allow that traffic, I decided to go this way. Below works well for allowing ICMP.
ASA# config t
ASA(config)# policy-map global_policy
ASA(config-pmap)# class inspection_default
ASA(config-pmap-c)# inspec icmp
ASA(config-pmap-c)# exit
ASA(config-pmap)# exit
nice collection of useful tip and technotes you got here!
ReplyDeleteJohn Nguyen