Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

tracert being blocked asa 5505

Posted on 2008-10-09
3
Medium Priority
?
1,690 Views
Last Modified: 2008-10-09
hi i get a request timed out when i try tracert under my cisco asa 5505,
here is the log that appears when i try the trace route

Deny icmp src outside:IPdst inside:MY IP(type 11, code 0) by access-group "outside_access_in" [0x0, 0x0]
0
Comment
Question by:Dan560
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 4

Expert Comment

by:TNL_Engr
ID: 22681578
Have you tried enabling ICMP on the outside interface?
From the CLI, it looks like this:
icmp permit any Outside
0
 
LVL 43

Accepted Solution

by:
JFrederick29 earned 2000 total points
ID: 22681593
Add this:

conf t
access-list outside_access_in extended permit icmp any any echo-reply
access-list outside_access_in extended permit icmp any any time-exceeded
access-list outside_access_in extended permit icmp any any unreachable
0
 
LVL 4

Expert Comment

by:TNL_Engr
ID: 22681598
Sorry, I forgot to add:  If you are using the GUI (ASDM), this is found under:
Configuration: Device Management: ICMP
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

New Server 172.16.200.2  was moved from behind Router R2 f0/1 to behind router R1 int f/01 and has now address 172.16.100.2. But we want users still to be able to connected to it by old IP. How to do it ? We can used destination NAT (DNAT).  In DNAT…
The Cisco RV042 router is a popular small network interfacing device that is often used as an internet gateway. Network administrators need to get at the management interface to make settings, change passwords, etc. This access is generally done usi…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Suggested Courses

609 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question