cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2019
Views
0
Helpful
1
Replies

ASA Management Access & ICMP Rule

QUARK TARO
Level 1
Level 1

I have defined the list of devices which require management access to ASA under Device Management -> ASDM/HTTPS/Telnet/SSH

There is also a section called "Management Access rule" under Device Management. Is it necessary to configure the setting under this?


Also under Device Management -> ICMP, I beleive this allows me to ping the firewall interfaces. By default I have not defined anything but still I am able to ping the firewall interfaces. Is it normal?

1 Reply 1

tavkaur
Level 1
Level 1

Hi,

++ The management access rules are used to permit/deny to-the-box traffic. So if in case you want to block or allow certain users for management access of the box, you can create a rule in this section

++ In your case you have listed the device for management access so there is no need to configure any management access rule

++ Under Device Management --> ICMP, you can control ICMP traffic that terminates on the ASA interface. However, if no ICMP control list is configured, the by default ASA allows to-the-box icmp traffic.

Regards,

Tavleen

Review Cisco Networking for a $25 gift card