Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2311
Views
14
Helpful
17
Replies

Unable to ping outside interfaces on FTDs (IOS 7.2.5)

Go to solution
Ditter
Level 4
Level 4

‎02-19-2024 05:28 AM

Hi, never found why i can not ping outside marked interfaces on FTD device although via platform settings this is open.

Please refer to the attached screeshot.

Thanks,

Ditter.

Preview file
62 KB
0 Helpful
17 Replies 17

Go to solution
Marius Gunnerud
VIP
VIP
In response to Ditter

‎02-19-2024 11:58 AM

As mentioned by others here, you cannot ping an FTD interface that is not the ingress interface.  If you want to control ICMP packets that are arriving on a specific interface and are destined for the FTD itself, you can use the ICMP menu / ICMP access list to control this traffic.

--
Please remember to select a correct answer and rate helpful posts

Go to solution
Karsten Iwen
VIP
VIP
In response to Ditter

‎02-20-2024 12:31 AM

to visualize it:

KarstenIwen_0-1708417739635.png

On each interface, you can use the mentioned platform settings to control which ICMP types are processed. Perhaps you don't want the FTD to be pinged, but you want to allow the FTD itself to ping out of the interface. 

Go to solution
Aref Alsouqi
VIP
VIP
In response to Ditter

‎02-20-2024 01:16 AM

As the others mentioned, the use of the ICMP menu is to allow or deny specific ICMP types on an interface. However, the traffic flow should always be coming from a source on the same segment as the interface. A source on the outside segment can ping the firewall outside interface, a source on the inside segment can ping the firewall inside interface, and so on.

Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card