Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
8669
Views
0
Helpful
17
Replies

Still can't traceroute through FTD (6.2.3.2)

Go to solution
peter0023
Level 1
Level 1

‎09-18-2018 05:45 AM - edited ‎02-21-2020 08:15 AM

Hi all

 

I have FTD 2130 version 6.2.3.2 , I'm facing that server trace e.g. 8.8.8.8 always show *

I had read many articles , I had  tried

 

1. set policy from outside to inside allow icmp all

2. add flexconfig with

     policy-map global_policy
       class class-default
        set connection decrement-ttl 

 

 

still not working , someone can help me to fix it? thanks a lot

 

 

 

=============update======================

I fixed this issue , thanks.....

2 people had this problem
0 Helpful
17 Replies 17

Go to solution
samsara
Level 1
Level 1
In response to peter0023

‎09-18-2018 10:24 PM

It seems from device limit , kindly refer to
https://quickview.cloudapps.cisco.com/quickview/bug/CSCuy04691

0 Helpful

Go to solution
ben360
Level 1
Level 1

‎10-16-2020 12:05 PM

Can you expand on the fix?

0 Helpful

Go to solution
Aref Alsouqi
VIP
VIP
In response to ben360

‎10-18-2020 08:34 AM - edited ‎10-18-2020 08:37 AM

Along with enabling ICMP inspection on the global policy map, you need to allow the ICMP unreachable and time exceeded in inbound direction on the ACL applied on the outside interface.

You can enable ICMP inspection from Firepower CLISH mode using the following command:

> configure inspection icmp enable

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card