That is normal. Do a traceroute without security appliance and you will see similar results
Regards, Tyson Scott CCIE # 13513 (R&S, Security, SP) Managing Partner/Technical Instructor - IPexpert Inc. [email protected] ----- Reply message ----- From: "Kok Yong CHEONG" <[email protected]> Date: Sun, Aug 7, 2011 8:01 am Subject: [OSL | CCIE_Security] ASA Traceroute To: "[email protected]" <[email protected]> hi guys. need your advise. i was trying on the ASA trace route,and saw the following traceroute result, do you guys have any clue on why cause the * R2 <----> (I) ASA (O) <----> R1 R1 traceroute to R2, with ASA's config: -allow udp 33434 and above on the ASA's outside interface -set connection decrement-ttl on ASA -no ACL on ASA's inside interface R1#traceroute 10/10.4.2 Type escape sequence to abort. Tracing the route to 45.45.4.2 1 10.10.4.12 0 msec 0 msec 0 msec 2 10.10.4.2 4 msec * 0 msec R1# by the way, (10.10.4.12) is ASA inside interface IP, (10.10.4.2) is R2' interface connected to ASA, why is there an "*" on entry of 10.10.4.2 ? and not reporting any value ? what could have resulted with that ? Thanks in advance Regards KY
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
