10-14-2011 12:15 AM - edited 03-11-2019 02:37 PM
Hi,
I have new ASA with 8.2(5) , I tried to open the ICMP between inside and outside for testing , but I'm always getting the error
%-6-302021An ICMP session is removed in the fast-path when stateful ICMP is enabled using the inspect icmp command.
Although I did not add inspect icmp in the default inspection class.
I have done the same configuration on another ASA with different version 8.0 , and it works fine ..
any ideas !!
Configuration :
------------------------
access-list inside_access_in extended permit icmp any any
access-list outside_access_in extended permit icmp any any
access-group outside_access_in in interface outside
access-group inside_access_in in interface inside
class-map inspection_default
match default-inspection-traffic
policy-map type inspect dns preset_dns_map
parameters
message-length maximum client auto
message-length maximum 512
policy-map global_policy
class inspection_default
inspect dns preset_dns_map
inspect ftp
inspect h323 h225
inspect h323 ras
inspect ip-options
inspect netbios
inspect rsh
inspect rtsp
inspect skinny
inspect esmtp
inspect sqlnet
inspect sunrpc
inspect tftp
inspect sip
inspect xdmcp
!
service-policy global_policy global