Port forward inbound ICMP (for nagios monitoring)

tf2-conky
Level 1

Can you port forward inbound ICMP connections on an ASA firewall?

There doesn't appear to be the option to do this. Only TCP or UDP:


fw1(config)# static (INSIDE,OUTSIDE) ?

configure mode commands/options:
  Hostname or A.B.C.D  Global or mapped address
  interface            Global address overload from interface
  tcp                  TCP to be used as transport protocol
  udp                  UDP to be used as transport protocol


I suspect I'm going to need to configure a site-to-site VPN with the monitoring environment, and allow monitoring of the internal hosts over the tunnel?

Accepted Solutions

Kureli Sankar
Cisco Employee

That is correct. ICMP does not use ports, so this is not possible.

You may want to do 1-1 static instead if you have an available IP address to spare.

You can read the RFC here: http://www.faqs.org/rfcs/rfc792.html

-KS
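
Added example, not part of the original thread: a Python parser that extracts the layer-4 fields a translation rule could match on, showing that an RFC 792 ICMP header carries type, code, checksum and (for echo) identifier and sequence, but no port for a `static ... tcp|udp` rule to key on. The helper names (`nat_key`, `build_echo_request`) are hypothetical and both sample packets are constructed.

```python
import struct

def inet_checksum(data: bytes) -> int:
    """One's-complement checksum used by the ICMP header (RFC 792)."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build_echo_request(ident: int, seq: int, payload: bytes = b"nagios") -> bytes:
    """Constructed sample: ICMP echo request (type 8, code 0)."""
    unsummed = struct.pack("!BBHHH", 8, 0, 0, ident, seq) + payload
    csum = inet_checksum(unsummed)
    return struct.pack("!BBHHH", 8, 0, csum, ident, seq) + payload

def nat_key(ip_proto: int, l4: bytes) -> dict:
    """Hypothetical helper: layer-4 fields a translation rule could match on."""
    if ip_proto in (6, 17):  # TCP and UDP both begin with src port, dst port
        if len(l4) < 4:
            raise ValueError("truncated TCP/UDP header")
        src_port, dst_port = struct.unpack("!HH", l4[:4])
        return {"proto": "tcp" if ip_proto == 6 else "udp",
                "src_port": src_port, "dst_port": dst_port}
    if ip_proto == 1:  # ICMP: type, code, checksum, then type-specific data
        if len(l4) < 8:
            raise ValueError("truncated ICMP header")
        key = {"proto": "icmp", "type": l4[0], "code": l4[1],
               "checksum_ok": inet_checksum(l4) == 0}
        if l4[0] in (0, 8):  # only echo reply/request carry id and sequence
            key["id"], key["seq"] = struct.unpack("!HH", l4[4:8])
        return key
    raise ValueError(f"unhandled IP protocol {ip_proto}")

# Constructed sample inputs: a 20-byte TCP header and an echo request.
SAMPLE_TCP = struct.pack("!HHIIHHHH", 40000, 5666, 0, 0, 0x5002, 1024, 0, 0)
SAMPLE_PING = build_echo_request(ident=0x1234, seq=1)

if __name__ == "__main__":
    print(nat_key(6, SAMPLE_TCP))   # has dst_port, so a port forward can match
    print(nat_key(1, SAMPLE_PING))  # no port field at all
```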
