Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
8400
Views
0
Helpful
15
Replies

Tracert not enabled in ASA

Go to solution
Herald Sison
Level 3
Level 3

‎07-10-2019 11:29 PM - edited ‎02-21-2020 09:17 AM

Hi Guys,

 

i have enabled the command below as what i saw from other forums but still cant get a result for tracert but i can ping successfully 8.8.8.8

 

ASA(config)# policy-map global_policy
ASA(config-pmap)# class class-default
ASA(config-pmap-c)# set connection decrement-ttl

 

i have also checked and enabled ICMP in Service Policy Rules via ASDM but still not getting a tracert results. What else do i need to do to enable tracert on my ASA? my ASA model is ASA5508.

 

attached is the result of my tracert from my computer connected to the network. so the setup is Computer - > Coreswitch -> ASA -> Internet.

 

 

Preview file
41 KB
0 Helpful
15 Replies 15

Go to solution
Herald Sison
Level 3
Level 3
In response to Richard Burts

‎07-22-2019 05:23 PM - edited ‎07-22-2019 05:26 PM

Hi Sir,

thank you also for your advise. The moment you mentioned access list was not pointed to outside interface that made me decide to use it and it worked. 

 

Then i removed this configs below and it still worked well

 

no icmp permit any outside
no icmp permit any echo-reply outside

 

and i added this config below

 

class-map global-class
match port udp range 33434 33464

 

class global-class
set connection decrement-ttl

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card