[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

Blocking All Incoming ICMP Traffic With Cisco ASA 5510

Posted on 2010-11-16
4
Medium Priority
?
1,030 Views
Last Modified: 2012-05-10
This is a fairly simple question and i'm sure there is a fairly simple answer but for whatever reason I can't seem to get ICMP blocked properly on my external interface of my ASA.  I obviously don't want my external interface to be pingable but no matter what i configure in the ACL I am still able to ping the outside IP from outside of our network.
 
external ip is xxx.xxx.xxx.178.
 
What is the easiest, best practice way to accomplish this?
0
Comment
Question by:gedruspax
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 43

Accepted Solution

by:
JFrederick29 earned 1000 total points
ID: 34145488
ICMP to and from the ASA itself is not controlled via the interface access-lists.

Use the following:

conf t
icmp deny any outside
0
 

Author Comment

by:gedruspax
ID: 34145532
our outside interface is actually named Outside_INF

so would the command be

conf t
icmp deny any Outside_INF?
0
 
LVL 43

Expert Comment

by:JFrederick29
ID: 34145560
Yeah, exactly.
0
 

Author Comment

by:gedruspax
ID: 34145565
Yup, that worked, thanks so much for your help!
0

Featured Post

New feature and membership benefit!

New feature! Upgrade and increase expert visibility of your issues with Priority Questions.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A 2007 NCSA Cyber Security survey revealed that a mere 4% of the population has a full understanding of firewalls. As business owner, you should be part of that 4% that has a full understanding.
During and after that shift to cloud, one area that still poses a struggle for many organizations is what to do with their department file shares.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …
Suggested Courses

649 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question