Cisco Systems ASA 5580 Network Router User Manual

Open as PDF

of 2086

40-13

Cisco ASA 5500 Series Configuration Guide using ASDM

Chapter 40 Configuring Management Access

Configuring ICMP Access

• The ASA only responds to ICMP traffic sent to the interface that traffic comes in on; you cannot

send ICMP traffic through an interface to a far interface.

Default Settings

By default, you can send ICMP packets to any ASA interface using either IPv4 or IPv6.

Configuring ICMP Access

To configure ICMP access rules, perform the following steps:

Detailed Steps

Step 1 Choose Configuration > Device Management > Management Access > ICMP, and click Add.

Step 2 Choose which version of IP traffic to filter by clicking the applicable radio button:

• Both (filters IPv4 and IPv6 traffic)

• IPv4 only

• IPv6 only

Step 3 If you want to insert a rule into the ICMP table, select the rule that the new rule will precede, and click

Insert.

The Create ICMP Rule dialog box appears in the right-hand pane.

Step 4 From the ICMP Type drop-down list, choose the type of ICMP message for this rule.

Step 5 From the Interface list, choose the destination ASA interface to which the rule is to be applied.

Step 6 In the IP Address field, do one of the following:

• Add a specific IP address for the host or network.

• Click Any Address, then go to Step 9.

Step 7 From the Mask drop-down list, choose the network mask.

Step 8 Click OK.

The Create ICMP Rule dialog box closes.

Step 9 (Optional) To set ICMP unreachable message limits, set the following options. Increasing the rate limit,

along with enabling the Decrement time to live for a connection option on the Configuration > Firewall

> Service Policy Rules > Rule Actions > Connection Settings dialog box, is required to allow a traceroute

through the ASA that shows the ASA as one of the hops.

• Rate Limit—Sets the rate limit of unreachable messages, between 1 and 100 messages per second.

The default is 1 message per second.

• Burst Size—Sets the burst rate, between 1 and 10. This keyword is not currently used by the system,

so you can choose any value.

Step 10 Click Apply.

The ICMP rule is added to the ASA, and the change is saved to the running configuration.

previous next

Top Automotive Device Types

Top Automotive Brands

Top Baby Care Device Types

Top Baby Care Brands

Top Car Audio & Video Device Types

Top Car Audio & Video Brands

Top Cellphone Device Types

Top Cellphone Brands

Top Communications Device Types

Top Communications Brands

Top Computer Device Types

Top Computer Brands

Top Fitness Device Types

Top Fitness Brands

Top Home Audio Device Types

Top Home Audio Brands

Top Household Appliance Device Types

Top Household Appliance Brands

Top Kitchen Appliance Device Types

Top Kitchen Appliance Brands

Top Laundry Appliance Device Types

Top Laundry Appliance Brands

Top Lawn & Garden Device Types

Top Lawn & Garden Brands

Top Marine Equipment Device Types

Top Marine Equipment Brands

Top Musical Instrument Device Types

Top Musical Instrument Brands

Top Outdoor Cooking Device Types

Top Outdoor Cooking Brands

Top Personal Care Device Types

Top Personal Care Brands

Top Photography Device Types

Top Photography Brands

Top Portable Media Device Types

Top Portable Media Brands

Top Power Tools Device Types

Top Power Tools Brands

Top TV and Video Device Types

Top TV and Video Brands

Top Videogame Device Types

Top Videogame Brands

Cisco Systems ASA 5580 Network Router User Manual