09-18-2018 05:45 AM - edited 02-21-2020 08:15 AM
Hi all
I have an FTD 2130, version 6.2.3.2. The problem I'm facing is that a server trace, e.g. to 8.8.8.8, always shows *
I have read many articles and have tried:
1. Set a policy from outside to inside to allow icmp all
2. Add a FlexConfig with:
policy-map global_policy
 class class-default
  set connection decrement-ttl
It is still not working. Can someone help me fix it? Thanks a lot.
=============update======================
I fixed this issue, thanks.
09-18-2018 10:24 PM
It seems to come from a device limit; kindly refer to
https://quickview.cloudapps.cisco.com/quickview/bug/CSCuy04691
10-16-2020 12:05 PM
Can you expand on the fix?
10-18-2020 08:34 AM - edited 10-18-2020 08:37 AM
Along with enabling ICMP inspection on the global policy map, you need to allow ICMP unreachable and time exceeded in the inbound direction on the ACL applied on the outside interface.
You can enable ICMP inspection from Firepower CLISH mode using the following command:
> configure inspection icmp enable