Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
368
Views
0
Helpful
5
Replies

Small route that can route ping echo requests

dschlic1
Level 1
Level 1

‎07-20-2015 05:49 AM - edited ‎03-08-2019 01:02 AM

I have an application where I need a small router that can be configured to route ping echo requests (protocol ICMP major code 8) from the WAN side to a device on the LAN side. Please note that the ICMP protocol does not have port numbers, so port forwarding will not work. Can I ge some suggestions on router that can handle this?

Labels:
0 Helpful
5 Replies 5

Glenn Martin
Cisco Employee
Cisco Employee

‎07-20-2015 12:21 PM

Hello dschlic1,

Please contact a local reseller for help in determining which Cisco product would be best in your environment.

 

If you have additional support questions, or would like to speak with a pre-sales team please go here [ http://www.cisco.com/cisco/web/solutions/small_business/small_business_support_and_resources.html ]for additional information.. 

 

0 Helpful

dschlic1
Level 1
Level 1
In response to Glenn Martin

‎07-20-2015 01:00 PM

Unfortunately I have been down that path. This is such a specialized issue, normal sales reps don't even know what I am talking about. For that reason I am trying get an answer via a technical channel. Cisco does not make that easy.

0 Helpful

terry-pulley
Level 1
Level 1
In response to dschlic1

‎07-20-2015 02:21 PM

On an ASA I think you can accomplish this.  When I put in a syntax to allow icmp I get these options:

" access-list outside extended permit icmp any any ?"

configure mode commands/options:
  <0-255>               Enter ICMP type number (0 - 255)
  alternate-address
  conversion-error
  echo
  echo-reply
  inactive              Keyword for disabling an ACL element
  information-reply
  information-request
  log                   Keyword for enabling log option on this ACL element
  mask-reply
  mask-request
  mobile-redirect
  object-group          ICMP object-group for destination port
  parameter-problem
  redirect
  router-advertisement
  router-solicitation
  source-quench
  time-exceeded
  time-range            Keyword for attaching time-range option to this ACL
                        element
  timestamp-reply
  timestamp-request
  traceroute
  unreachable
  <cr>

"access-list outside extended permit icmp any any 8" is a valid syntax and should work.

 

You would still need to Nat it so it can then forward to the device on the inside.

0 Helpful

Robert Hillcoat
Level 1
Level 1

‎08-20-2015 01:32 AM

What device  do you currently have as your internet firewall? Tell us a bit more about your setup. 

0 Helpful

Marcel van Dorp
Level 1
Level 1

‎08-21-2015 05:45 AM

You need to do some destination natting since you're most likely using private IP space in your lan.

But that would push everything on that external ip to that internal host.

 

May I ask what you try to accomplish? There might be some other solution.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card