12-28-2017 11:43 PM - edited 02-21-2020 07:02 AM
Hi Friends..
We have configured our ASA firewall to allow Trace Route to reach outside destinations (over internet), as per configuration attached.
But, we are unable to get information of hops in ISP path during Tracing Route to reach destination, from host allowed in LAN Network (attached the problem symptoms).
Please let me know, if any correction required on attached configuration to achieve my requirement.
Solved! Go to Solution.
12-29-2017 07:47 AM
It looks like the icmp unreachable packets are being dropped on the outside interface.
I noticed you have 2 ISPs and use one of them for the traceroute destination. If you also have verify reverse-path it could explain the behavior.
12-29-2017 07:47 AM
It looks like the icmp unreachable packets are being dropped on the outside interface.
I noticed you have 2 ISPs and use one of them for the traceroute destination. If you also have verify reverse-path it could explain the behavior.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide