Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
19065
Views
10
Helpful
16
Replies

Traceroute through FTD

Go to solution
Colin Higgins
Level 2
Level 2

‎01-31-2019 06:53 AM - edited ‎02-21-2020 08:44 AM

I am trying to get traceroute to work from my internal network to the Internet through a FTD2110 managed by FMC running 6.2.3 code

 

I created an access policy allowing ICMP type 3 and 11 from the outside to the inside. I added ICMP permit statements in the Platform Settings for the device (3 and 11 on the outside interface to any-ipv4).

 

I also added the Flex config statement to decrement the TTL

 

But this still isn't working. Is this a bug? Unsupported? 

0 Helpful
16 Replies 16

Go to solution
sherali mamatkarimov
Level 1
Level 1
In response to Marvin Rhoads

‎05-31-2024 04:26 AM 

icmp permit any time-exceeded <your outside interface name>
icmp permit any unreachable <your outside interface name>

 How did you enabled this in FDM can't find?

0 Helpful

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame
In response to sherali mamatkarimov

‎05-31-2024 08:56 AM

This can be done in FDM using a Flexconfig object and policy:

MarvinRhoads_0-1717170970780.png

 

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card