cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

Welcome to Cisco Firewalls Community


559
Views
0
Helpful
1
Replies
Highlighted
Beginner

Allow ICMP when using Port Redirection(Forwarding)

When I had the following static statement configured in my ASA, I was able to ping 10.102.10.13.

static (inside,outside) 10.102.10.13 10.201.10.73 netmask 255.255.255.255

Now that I've changed by static statements to what's shown below, I can no longer ping 10.102.10.13.

static (inside,outside) tcp 10.102.10.13 www 10.201.10.73 www netmask 255.255.255.255

static (inside,outside) tcp 10.102.10.13 https 10.201.10.73 https netmask 255.255.255.255

Why isn't there a option for ICMP?

ASA1# static (inside,outside) ?

configure mode commands/options:
  Hostname or A.B.C.D  Global or mapped address
  interface            Global address overload from interface
  tcp                  TCP to be used as transport protocol
  udp                  UDP to be used as transport protocol

Are there any workarounds to enable ICMP pings again?

Thanks in advance.

1 REPLY 1
Cisco Employee

Allow ICMP when using Port Redirection(Forwarding)

Sergio,

     No, the port-translations are only available for TCP and UDP protocols. (since those have the notion of ports at layer 4).

Jay