05-15-2018 05:56 PM - edited 02-21-2020 07:46 AM
Do ASA clusters support inspect icmp?
This document lists several inspections that are and are not supported. However it is silent regarding icmp inspections.
Our ASA cluster allows us to configure the inspect icmp but it doesn't seem to work. We get nothing in logs about creating dynamic ACLs and we can only get our pings to work if we configured a static ACL on the outside-->in to permit echo-reply.
Thank you.
05-15-2018 10:21 PM
05-16-2018 02:04 AM
05-16-2018 08:24 AM
We retested inspect ICMP today on our ASA cluster and it worked fine today. Yesterday we must have done a bad test.
Is there any show command that will tell us that ICMP echo-replies are being serviced by the inspection engine?
Thank you.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide