Link to home
Start Free TrialLog in
Avatar of gedruspax
gedruspaxFlag for United States of America

asked on

Blocking All Incoming ICMP Traffic With Cisco ASA 5510

This is a fairly simple question and i'm sure there is a fairly simple answer but for whatever reason I can't seem to get ICMP blocked properly on my external interface of my ASA.  I obviously don't want my external interface to be pingable but no matter what i configure in the ACL I am still able to ping the outside IP from outside of our network.
 
external ip is xxx.xxx.xxx.178.
 
What is the easiest, best practice way to accomplish this?
ASKER CERTIFIED SOLUTION
Avatar of JFrederick29
JFrederick29
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of gedruspax

ASKER

our outside interface is actually named Outside_INF

so would the command be

conf t
icmp deny any Outside_INF?
Yeah, exactly.
Yup, that worked, thanks so much for your help!