Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
999
Views
0
Helpful
3
Replies

block icmp never work on ASA 8.6

Go to solution
Neetu Bhushan
Level 1
Level 1

‎04-24-2013 08:25 PM - edited ‎02-21-2020 04:52 AM

hi all,

i tried putting this on my ACL

access-list outside_access_in line 1 extended deny icmp any any echo

and write it on the flash.

but still i can ping my ip address.  my ASA version is 8.6.

thanks for any comment you may add.

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
James Leinweber
Level 4
Level 4

‎04-25-2013 10:08 AM

The access-list plus access-group apply to traffic transiting through the ASA, not directed to the ASA itself.  To block icmp to the ASA use instead an icmp deny ... statement.

-- Jim Leinweber, WI State Lab of Hygiene

View solution in original post

0 Helpful
3 Replies 3

Go to solution
James Leinweber
Level 4
Level 4

‎04-25-2013 10:08 AM

The access-list plus access-group apply to traffic transiting through the ASA, not directed to the ASA itself.  To block icmp to the ASA use instead an icmp deny ... statement.

-- Jim Leinweber, WI State Lab of Hygiene

0 Helpful

Go to solution
Neetu Bhushan
Level 1
Level 1
In response to James Leinweber

‎04-25-2013 01:48 PM

thanks i got it....

icmp deny any echo-reply outside

0 Helpful

Go to solution
Neetu Bhushan
Level 1
Level 1
In response to Neetu Bhushan

‎04-29-2013 09:56 AM

actually this also makes my pinging from inside to outside, not possible.

so this answer is not correct...

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card