Solved

Enable icmp ping on ASA 5505 WAN interface

Posted on 2008-10-09
3
16,963 Views
Last Modified: 2014-08-14
Is it possible to enable ICMP ping on my WAN interface for my ASA 5505 as I want to do some diagnosis and performance analysis.

Many thanks.
0
Comment
Question by:AXISHK
3 Comments
 
LVL 4

Assisted Solution

by:TNL_Engr
TNL_Engr earned 100 total points
ID: 22679321
Yes.  If you are working from the ASDM GUI the setting is found under:

Configuration: Device Management: ICMP
Click Add, and select the outside Interface, permit 0.0.0.0 0.0.0.0

From the CLI, it looks like this:
icmp permit any Outside
0
 
LVL 12

Accepted Solution

by:
Pugglewuggle earned 400 total points
ID: 22682934
The thing is that by default, ASAs block all ICMP replies.
To allow this, you need to add this to your access-list:
access-list outside_access_in permit icmp any any echo-reply
access-group outside_access_in in interface outside

I never use the separate icmp permit command because it allows ALL ICMP messages to pass, which can be a potential security threat - not just the ping replies.
Cheers! Let me know if you have any questions
0
 

Expert Comment

by:jongrew
ID: 40260995
I have used the commands in the accepted solution but I still cannot ping the ASA from outside.  Does this command work in version 8.4(4)
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

I found an issue or “bug” in the SonicOS platform (the firmware controlling SonicWALL security appliances) that has to do with renaming Default Service Objects, which then causes a portion of the system to become uncontrollable and unstable. BACK…
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
In this seventh video of the Xpdf series, we discuss and demonstrate the PDFfonts utility, which lists all the fonts used in a PDF file. It does this via a command line interface, making it suitable for use in programs, scripts, batch files — any pl…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

706 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now