09-18-2018 05:45 AM - edited 02-21-2020 08:15 AM
Hi all
I have FTD 2130 version 6.2.3.2 , I'm facing that server trace e.g. 8.8.8.8 always show *
I had read many articles , I had tried
1. set policy from outside to inside allow icmp all
2. add flexconfig with
policy-map global_policy
class class-default
set connection decrement-ttl
still not working , someone can help me to fix it? thanks a lot
=============update======================
I fixed this issue , thanks.....
Solved! Go to Solution.
09-18-2018 10:24 PM
It seems from device limit , kindly refer to
https://quickview.cloudapps.cisco.com/quickview/bug/CSCuy04691
10-16-2020 12:05 PM
Can you expand on the fix?
10-18-2020 08:34 AM - edited 10-18-2020 08:37 AM
Along with enabling ICMP inspection on the global policy map, you need to allow the ICMP unreachable and time exceeded in inbound direction on the ACL applied on the outside interface.
You can enable ICMP inspection from Firepower CLISH mode using the following command:
> configure inspection icmp enable
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide