08-22-2018 10:42 AM - edited 02-21-2020 08:08 AM
I have searched the forums and all the answers I have seen I have implemented.
When I ping into the ASA's outside (WAN) interface, I can see on the log it is getting denied. I have added an ACL for coming in to the outside interface to allow ICMP.
I have added the ICMP to the global inspection with fixup protocol ICMP.
But when I ping the outside interface I see it is getting 'denied by interface outside'.
ASA 9.2
Thanks.
08-22-2018 11:54 AM
icmp permit ip_address net_mask if_name
08-22-2018 07:13 PM
In addition to what @Greg Smalley correctly suggested, remember these two things:
1. An ACL applied to an interface via an access-group is for traffic THROUGH the interface, not traffic TO that interface.
2. The inspections in your policy map / class map are similarly for traffic through the firewall.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide