Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
21306
Views
1
Helpful
5
Replies

echo and echo reply

aksher
Level 1
Level 1

‎10-09-2006 12:17 PM - edited ‎03-09-2019 04:27 PM

what is the difference between echo and echo reply in icmp permit any echo inside

and vice versa..

Labels:
0 Helpful
5 Replies 5

Collin Clark
VIP Alumni
VIP Alumni

‎10-09-2006 12:18 PM

One is a request, the other is the reply.

0 Helpful

aksher
Level 1
Level 1
In response to Collin Clark

‎10-09-2006 12:31 PM

so does the request send only a request and reply both request and reply?

0 Helpful

sundar.palaniappan
Level 10
Level 10
In response to aksher

‎10-09-2006 01:01 PM

Hi,

ICMP echo-request is generated by the device from which the PING is originated. ICMP echo-reply is sent by the target device to the requesting device stating that it received the echo-request.

HTH

Sundar

aksher
Level 1
Level 1
In response to sundar.palaniappan

‎10-09-2006 02:01 PM

my ques here is if yoou have only one either echo request or echo reply what will be the effect as given in command

icmp permit any echo-request inside

or

icmp permit any echo-reply inside

0 Helpful

a.kiprawih
Level 7
Level 7
In response to aksher

‎10-09-2006 04:50 PM

a. icmp permit any echo-request inside

- can send ping request to inside interface, but sender will not get reply.

b. icmp permit any echo-reply inside

- can get reply when pinging inside interface

To control ping request directed to your firewall interfaces, allow only specific ICMP type, i.e, allow only trusted IP/host to ping.

Carefully when allow ping to your outside interface from any internet/external host, esp to avoid ping/icmp attack.

http://www.cisco.com/en/US/customer/products/ps6120/products_command_reference_chapter09186a008063f9fd.html#wp1629224

http://www.rhyshaden.com/icmp.htm

http://groups.google.com.my/group/comp.security.firewalls/browse_thread/thread/2e4d1cf5ce99e9cf/27da7044c784e60e?lnk=st&q=why+ICMP+to+allow+request+reply&rnum=3&hl=en#27da7044c784e60e

Cheers!

AK

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents