Link to home
Start Free TrialLog in
Avatar of gedruspax
gedruspaxFlag for United States of America

asked on

Blocking All Incoming ICMP Traffic With Cisco ASA 5510

This is a fairly simple question and i'm sure there is a fairly simple answer but for whatever reason I can't seem to get ICMP blocked properly on my external interface of my ASA.  I obviously don't want my external interface to be pingable but no matter what i configure in the ACL I am still able to ping the outside IP from outside of our network.
external ip is
What is the easiest, best practice way to accomplish this?
Avatar of JFrederick29
Flag of United States of America image

Link to home
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of gedruspax


our outside interface is actually named Outside_INF

so would the command be

conf t
icmp deny any Outside_INF?
Yeah, exactly.
Yup, that worked, thanks so much for your help!