I've been using UptimeRobot for years as a first level of notification that there might be an issue at the office. It's worked well for what it does and it's free. For security reasons I want to disable ICMP on our main outside interface. I know I can manually go in and add exceptions for specific IP addresses (I'm already doing this for 4.2.2.2 which is setup on a tracker for one of our routes), but how do I do it for a whole list without a lot of manual work? I'm sure this list gets updated too which creates another problem!
Hi, Last time I checked, unfortunately you cannot use a group object with the "icmp permit/deny" command to filter traffic destined to the ASA, you have to define each IP address or network.
HTH
Learn, share, save
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
