With the below config the traceroute from ASA's inside to outside works but not
from outside to inside....
can somebody please suggest...?
From: [email protected]
To: [email protected]
Date: Tue, 11 May 2010 15:59:52 +0530
Subject: [OSL | CCIE_Security] ASA to show as Traceroute Hop
Hello All,
If i do the following config.. on ASA....
class-map TRACE match any
policy-map global_policy class inspection_default inspect dns preset_dns_map
inspect ftp inspect h323 h225 inspect h323 ras inspect rsh inspect rtsp
inspect esmtp inspect sqlnet inspect skinny inspect sunrpc inspect xdmcp
inspect sip inspect netbios inspect tftp class TRACE set connection
decrement-ttl
access-list OUT extended permit icmp host 202.2.2.2 host 10.11.11.11access-list
OUT extended permit icmp host 202.2.2.2 host 11.11.11.11access-list OUT
extended permit icmp any any time-exceededaccess-list OUT extended permit icmp
any any unreachable
ciscoasa(config)# sh run access-groupaccess-group OUT in interface
Outsideciscoasa(config)#
Still the ASA is not showing up as a HOP in traceroute... i am doing traceroute
from a router towards a router on the inside of ASA
Am i missng something?
The latest auto launches and test drives Drag n' drop
_________________________________________________________________
Bollywood This Decade
http://entertainment.in.msn.com/bollywoodthisdecade/_______________________________________________
For more information regarding industry leading CCIE Lab training, please visit
www.ipexpert.com
