cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
386
Views
0
Helpful
2
Replies

Restrict Ping to FTD Management Interface

mumbles202
Level 5
Level 5

Is there a way to restrict ICMP for the management interface of an FTD?  I see how to restrict ICMP to the data-plane interfaces of the FTD and also how to restrict ssh access to the management interface of the FTD, but didn't see how to restrict ICMP to a subset of hosts that need to monitor the device.  Is that possible?  

2 Replies 2

marce1000
VIP
VIP

 

 - FYI : https://community.cisco.com/t5/network-security/block-icmp-to-ftd-device-interface-ip-in-fdm/m-p/4152415#M1073966

 M.



-- ' 'Good body every evening' ' this sentence was once spotted on a logo at the entrance of a Weight Watchers Club !

Thanks for the link.  So that works for disabling pings to the outside interface of the FTD.  I'm referring to the MGMT interface which doesn't sit behind the FTD inside interface.  I see you can modify the ssh access-list that is applied to the MGMT interface but haven't found a way to restrict ICMP to that interface.  

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: