Solved

Blocking All Incoming ICMP Traffic With Cisco ASA 5510

Posted on 2010-11-16
4
1,026 Views
Last Modified: 2012-05-10
This is a fairly simple question and i'm sure there is a fairly simple answer but for whatever reason I can't seem to get ICMP blocked properly on my external interface of my ASA.  I obviously don't want my external interface to be pingable but no matter what i configure in the ACL I am still able to ping the outside IP from outside of our network.
 
external ip is xxx.xxx.xxx.178.
 
What is the easiest, best practice way to accomplish this?
0
Comment
Question by:gedruspax
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 43

Accepted Solution

by:
JFrederick29 earned 250 total points
ID: 34145488
ICMP to and from the ASA itself is not controlled via the interface access-lists.

Use the following:

conf t
icmp deny any outside
0
 

Author Comment

by:gedruspax
ID: 34145532
our outside interface is actually named Outside_INF

so would the command be

conf t
icmp deny any Outside_INF?
0
 
LVL 43

Expert Comment

by:JFrederick29
ID: 34145560
Yeah, exactly.
0
 

Author Comment

by:gedruspax
ID: 34145565
Yup, that worked, thanks so much for your help!
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
SonicWall Max Connection Setting 7 44
Cisco ASA VPN Client Routing 8 60
Cisco VOIP Question 1 37
Cisco EAP TLS, ACS and changing Root CA 4 21
Hello to you all, I hear of many people congratulate AWS (Amazon Web Services) on how easy it is to spin up and create new EC2 (Elastic Compute Cloud) instances, but then fail and struggle to connect to them using simple tools such as SSH (Secure…
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question