I'm trying to permit tracetoute (from an internal server) through my ASA to any host on the outside. So far I can only find information relating to traceroute to show the ASA...
policy-map global_default
class class-default
set connection decrement-ttl
icmp unreachables rate-limit 10 burst-size 5
icmp permit any outside
icmp permit any inside
access-list OUTSIDE_IN permit icmp any any
access-group OUTSIDE_IN in interface outside
How can I simply allow traceroute through the ASA - do I need to look into setting up an access-list for the Unix/Windows traceroute ports?
Perhaps someone can post a similar examle for me?
Many thanks!!!