Thursday, March 14, 2019

Traceroute inspect with Cisco ASA

This may be a really dumb question, so forgive me in advance. I'm very new with Cisco ASA and stateful firewalls in general.

I want to allow pings and traceroute from my "trusted" zone (security level 100) out my "untrusted" zone (security level 0). I am familiar with the fact that I need to set the global policy to inspect icmp traffic for it to be stateful and that allows pings to work fine, but traceroute just gives me *

Can someone explain this to me?



No comments:

Post a Comment