hi all,

i've enabled traceroute on my ASA 5505 and behind is another router.

the problem is the two device's traceroute aren't the same. i want a similar output on the ASA.

is this normal or was there something i've missed?

1841#trace www.google.com

Translating "www.google.com"...domain server (8.8.8.8) [OK]

Type escape sequence to abort.

Tracing the route to www.google.com (173.194.117.50)

  1 172.16.1.1 4 msec *  0 msec   <<< ASA GW

  2 www.google.com (173.194.117.50) 0 msec 0 msec 4 msec

  3 www.google.com (173.194.117.50) 8 msec 8 msec 12 msec

  4 www.google.com (173.194.117.50) 16 msec 12 msec 12 msec

  5 www.google.com (173.194.117.50) 16 msec 16 msec 16 msec

  6 www.google.com (173.194.117.50) 12 msec 12 msec 20 msec

  7 www.google.com (173.194.117.50) 16 msec 12 msec 52 msec

  8 www.google.com (173.194.117.50) [MPLS: Label 16040 Exp 0] 12 msec 12 msec 12 msec

  9 www.google.com (173.194.117.50) 12 msec 12 msec 12 msec

10 www.google.com (173.194.117.50) 12 msec 12 msec 12 msec

11 www.google.com (173.194.117.50) 12 msec 12 msec 12 msec

12 www.google.com (173.194.117.50) 16 msec 12 msec 12 msec

13 www.google.com (173.194.117.50) 16 msec 12 msec 8 msec

ASA5505# trace www.google.com

Type escape sequence to abort.

Tracing the route to 173.194.117.49

1  192.168.1.1 0 msec 0 msec 0 msec    <<< ANOTHER ROUTER CONNECTED TO CABLE MODEM

2  cm1.delta104.maxonline.com.sg (59.x.x.1) 10 msec 10 msec 20 msec

3  172.20.43.1 10 msec 10 msec 10 msec

4  172.26.43.1 10 msec 30 msec 20 msec

5  172.20.7.106 20 msec 10 msec 10 msec

6  203.117.36.89 10 msec 10 msec 10 msec

7  203.117.36.25 30 msec 10 msec 10 msec

8  203.117.36.18 20 msec 10 msec 10 msec

9  72.14.196.189 20 msec 10 msec 10 msec

10 66.249.95.122 10 msec 10 msec 20 msec

11 209.85.244.115 10 msec 10 msec 10 msec

12 www.google.com (173.194.117.49) 20 msec 10 msec 20 msec

ASA5505# sh run policy-map

!

policy-map type inspect dns preset_dns_map

parameters

  message-length maximum client auto

  message-length maximum 512

policy-map global_policy

class inspection_default

  inspect dns preset_dns_map

  inspect ftp

  inspect h323 h225

  inspect h323 ras

  inspect rsh

  inspect rtsp

  inspect esmtp

  inspect sqlnet

  inspect skinny

  inspect sunrpc

  inspect xdmcp

  inspect sip

  inspect netbios

  inspect tftp

  inspect ip-options

  inspect icmp

class class-default

  set connection decrement-ttl

!

ASA5505# sh run access-list

access-list OUTSIDE-IN extended permit icmp any 172.16.0.0 255.255.0.0 echo

access-list OUTSIDE-IN extended permit tcp any 172.16.0.0 255.255.0.0 eq ssh

access-list OUTSIDE-IN extended permit icmp any any time-exceeded

access-list OUTSIDE-IN extended permit icmp any any unreachable