I've been using UptimeRobot for years as a first level of notification that there might be an issue at the office. It's worked well for what it does and it's free. For security reasons I want to disable ICMP on our main outside interface. I know I can manually go in and add exceptions for specific IP addresses (I'm already doing this for 4.2.2.2 which is setup on a tracker for one of our routes), but how do I do it for a whole list without a lot of manual work? I'm sure this list gets updated too which creates another problem!
Hi, Last time I checked, unfortunately you cannot use a group object with the "icmp permit/deny" command to filter traffic destined to the ASA, you have to define each IP address or network.
HTH
Getting Started
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: