Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
391
Views
0
Helpful
2
Replies

doubt about access-list

giovannibaldi
Level 1
Level 1

‎09-26-2014 07:41 AM - edited ‎03-11-2019 09:49 PM

Hello guys, i need an help. Could you tell me If when i deny IP traffico towards an host  i deny also icmp traffic?

Tanks gio

Labels:
0 Helpful
2 Replies 2

Hernán Figueroa
Level 1
Level 1

‎09-28-2014 02:48 AM

 

 

0 Helpful

Marius Gunnerud
VIP
VIP
In response to Hernán Figueroa

‎09-28-2014 02:48 AM

This is incorrect.  the ICMP protocol is part of the IP protocol suite and is used to send error messages.  So in denying IP you will also be denying ICMP.

But also keep in mind that the ICMP request and ICMP reply are two different flows and are not tracked in the state table of the ASA.  So, if you are pinging from a device on a higher security level interface to a device on a lower security level interface the reply will be denied unless specifically permitted.

--

Please remember to select a correct answer and rate helpful posts

--
Please remember to select a correct answer and rate helpful posts
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card