Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Allowing Traceroutes

Status
Not open for further replies.
khurram

khurram

IS-IT--Management
Jan 10, 2001
95
0
0
CA
I want to be able allow trace routes into our network since we have so many public IP's. It makes troubleshooting a lot easier. But at the same time, I don't want to get hit with a massive amount of ICMP packets that could result in a DOS attack.

Any ideas on how to configure the access-lists? Thanks.
 
Sort by date Sort by votes
Well.. Typically, your inside network uses a non-routable ip address block, i.e. 10/192/172,etc. I don't see how traceroutes will get past your firewall.

Iota
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

gbayi_omo
  • Locked
  • Question
Cisco ASA 5505 not allowing access to highest security zone
Replies
0
Views
50
gbayi_omo
gbayi_omo
brownmab53
  • Locked
  • Question
PIX 525 ASA not allowing DHCP addresses to pass through to router
Replies
0
Views
42
brownmab53
brownmab53
IT412
  • Locked
  • Question
asa 5510 not allowing traffic inside
Replies
2
Views
13
davy2k
davy2k
zero118
  • Locked
  • Question
TZ170 not allowing traffic other than one IP
Replies
3
Views
40
zero118
zero118
hitdrum
  • Locked
  • Question
Trouble allowing smtp out from DMZ on pix 525
Replies
1
Views
39
hitdrum
hitdrum

Part and Inventory Search

Sponsor

Back
Top