cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
328
Views
0
Helpful
1
Replies

Cisco 5550 blocking inbound unsolicited echo-replies

randal975
Level 1
Level 1

                   I would like to block non-stateful unsolicited echo-replies from entering inbound to my Cisco 5550 firewall.  I received the following advice to configure:

policy-map global_policy

class inspection_default

   inspect icmp

   inspect icmp error

My follow on question is, if I add the "inspect icmp", does this still permit stateful icmp echo request/echo replies while blocking non-stateful echo-replies from the outside?  

Also, what does configuring "inspect icmp error" do?

Thanks in advance

1 Reply 1

Michael Muenz
Level 5
Level 5
Review Cisco Networking for a $25 gift card