Activate the traceroute on SAA
Hello
Here is the config on one of my ASA. However, I'm unable to traceroute. What could be the problem.
Access-group outside_access_in in interface OUTSIDE
group-access to the INTERIOR in the interface inside
Access-group interface DMZ DMZ
#sh run access-list outside_access_in | I have icmp
acronisbosrtr1_access_in list extended access permit icmp any any DM_INLINE_ICMP_2 object-group
#sh access-list outside_access_in | I have icmp
permit for the Access-list outside_access_in line 1 extended icmp any any DM_INLINE_ICMP_2 object-group (hitcnt = 4) 0xcbc18759
permit for the Access-list outside_access_in line 1 extended icmp all an echo (hitcnt = 4) 0x30be5688
allowed to Access-list outside_access_in line 1 extended icmp any any echo response (hitcnt = 175) 0x316fe298
permit for the Access-list outside_access_in line 1 extended icmp any any traceroute (hitcnt = 0) 0x6b47fb2a
access-list 1 permit line outside_access_in extended icmp all all inaccessible (hitcnt = 2) 0x30f100d2
allowed for extended access list 1 icmp outside_access_in line all a time exceeded (hitcnt = 526) 0x16e6cb5d
ICMP permitted host 4.2.2.2 OUTSIDE
ICMP deny any OUTSIDE
# sh run id of the DM_INLINE_ICMP_2 object-group
ICMP-type of object-group DM_INLINE_ICMP_2
echo ICMP-object
response to echo ICMP-object
Object-ICMP traceroute
ICMP-unreachable object
ICMP-object has exceeded the time
Policy-map global_policy
class inspection_default
inspect the preset_dns_map dns
inspect the ftp
inspect the rsh
inspect sunrpc
inspect xdmcp
inspect the netbios
inspect the tftp
Review the ip options
inspect the icmp
inspect the sip
class class by default
# ping 4.2.2.2
Type to abort escape sequence.
Send 5, echoes ICMP 100 bytes to 4.2.2.2, time-out is 2 seconds:
!!!!!
Success rate is 100 per cent (5/5), round-trip min/avg/max = 12/10/20 ms
# traceroute 4.2.2.2
Type to abort escape sequence.
The route to 4.2.2.2
1 * * *
2 * * *
3 * * *
4 * * *
5 * * *
6 * * *
7 b.resolvers.level3.net (4.2.2.2) 20 msec * 0 msec
When you run the traceroute command of? If the ASA himself, it seems that there could be an ASA upstream, not setup like yours.
Other than that, your config appears correct. You could add bits:
asa(config)# policy-map global_policy asa(config-pmap)# class class-default asa(config-pmap-c)# set connection decrement-ttl
.. .in to appear as the first bond for customers inside your ASA out.
Tags: Cisco Security
Similar Questions
-
How can I get the messages appear when sent even if my phone is locked. I only get messages across when I activate the phone
Settings > Notifications > Messages > display on the lock screen
-
TNX
Hello
Swimming workouts
Begin a swim practice in the application of the workout on Apple Watch series 2 models automatically activates the lock of the water, which locks the screen to avoid accidental interactions during your workout.
To complete your workout and to evacuate all the water:
- Press the digital Crown and side button at the same time (which makes a break from the workout).
- Turn the digital Crown, which opens the screen and erases all the water inside of the watch (it can make a sound).
- Forehand and press end.
Other swimming
If you plan to get your Apple Watch series 2 wet in other circumstances that when training of swimming - as to the course of General wear in a pool - you can manually lock the screen first and then drain the water from the speaker subsequently:
- Slide up from the bottom of the face of the watch to open Control Center > tap water from lock to lock the screen.
- When you're done: turn the digital Crown to unlock the screen and drained the water from the speaker.
- The lock can also be unexpected water activated and unlocked immediately after exposure to the water.
After bathing, make sure to clean your Apple Watch series 2 by rinsing them with hot water from the tap. Watch and the band should be dried with a non abrasive and non fluffy cloth.
Strips of leather and stainless steel (Milanese Loop and Bracelet links) are not water resistant, so should not be worn when swimming.
More information:
Work with your Apple Watch - Apple Support
-
Why my iPhone 4S (ios 9.3.5) does not activate the messages using my apple ID?
Why my iPhone 4S (ios 9.3.5) does not activate the messages using my apple ID?
Michael T.L. says:
Why my iPhone 4S (ios 9.3.5) does not activate the messages using my apple ID?
If you get an error when you try to activate FaceTime - Apple Support or iMessage
-
How to activate the spell checker
I use Mozilla Thunderbirds e-mail and would like to know how to activate the spell checker - Help
http://email.about.com/od/mozillathunderbirdtips/Qt/et_inline_spell.htm
-
How do I activate the calendar when you first start, I chose disable
I can not activate the calendar. On the first run, I chose 'Disable sockets calendar' and now I can not activate.
How to activate?I try to reinstall Thunderbird and add addons Lightning, but even now calendar options.
We managed to solve the problem of:
1. Uninstall addition
2. restart Thunderbird
3. search for the site of the add-on and reinstall.
4. restart Thunderbird and once the question arose as to the introduction of the calendar.Problem has been resolved.
-
Hi - I want to get some screenshots of the activation of the blocker in Firefox, but even if I visit a Web site where pop-ups are blocked, it shows that very briefly the warning, then disappears. I want it to show up properly so I can-screenshot it and show my users how to allow popups for a particular site (without them going into the settings and do it manually).
Any ideas how I can re - activate the blocker warnings?
I looked at a few parameters in: config, but they seem to imply it is active:
browser.popups.showPopupBlocker; true
privacy.popups.showBrowserMessage; truePerhaps using this Web page to test the trainer will help you. A warning bar appears and stays there for me with a lot of these 'tests '.
http://www.PopupTest.com/ -
How can I activate the pop-up Blocker
How can I activate the blocker pop up on Firefox?
drummershob said
addons.Mozilla.org > Add-ons for Firefox > Extensions
The Firefox Extensions section of AMO are for Office Max OSX, Firefox for Windows and Linux. Firefox Android extensions are to allplayer
There is no section for the OS "Firefox".
-
Impossible to activate the dark mode in Firefox 39.0 with subject: config.
After you have installed the 39.0 beta of Firefox, I was impossible to activate the dark by topic mode: config.
That's what I changed:
Browser.devedition.Theme.Enabled: true
devtools. Theme: black
lightweightThemes.selectedThemeID: [email protected]I use "Fox, but better" plugin and I have to disable it without success.
guigs2 said
Hi CiRiX,
I understand that you are using a dark theme and have changed the settings in topic: config, that could change how the button toggle works in the themes section for about: addons...It is possible to reinstall the extension, or try these troubleshooting steps:
I managed to fix it by clicking Activate and then deactivate it on another theme.
Thanks for your help!
-
Is there a shortcut to activate the display of the player?
Is there a shortcut to activate the display of the player?
See:
- bug 1144749 - create a shortcut to the drive mode
- bug 1160848 - add shortcuts to scroll to the next/previous paragraphs in Player Mode
Please, do not comment in bug reports
https://Bugzilla.Mozilla.org/page.cgi?id=etiquette.html
You can vote for a bug to show your interest
https://Bugzilla.Mozilla.org/page.cgi?id=voting.html -
Impossible to activate the phone after 6 s restoration
I just restored my iphone 6s now my old apple ID does not have to activate the phone... help nicely. The same id is used several times to download the files and applications. Also, I bought this new phone.
Is this the only Apple ID you have? You know the partial Apple ID that shows activation?
-
Can I activate the Apple logo lit on the back of my 30 inch Apple display?
Can I activate the Apple logo lit on the back of my 30 inch Apple display?
It would be cool to see!
It would be cool, but I don't think it was an aspect of the design. The back of my screen to the wall. The size and the quality of the image and the glass, I think, speaks for itself. The black Apple logo on finely designed aluminum case is very well see when switching from an office. We'll let the glowing Apple logos to Mac Air and MacBooks.
Bravo!
-
How to activate the default theme
I get a black screen when you start Firefox. Safe mode works. I went through the uninstall process and reinstall of Firefox and fixing and reset and open in safe mode and disabling modules and uncheck acceleration of material as described in the troubleshooting tips.
I'm at the help desk where I'm supposed to change the default theme but it is off to me. There is no checkbox to activate the default theme. How can I activate the default theme?
If allowing the default theme is there anything else I can to get past the black screen when starting Firefox?
Sorry, please deactivate hardware acceleration as a temporary workaround. There is an incompatibility between 33 Firefox and some former card/chipset drivers graphic. More information: https://support.mozilla.org/questions/1025438
-
My bar tools change is not available. No suggestions from Google Help labour. Customize is NOT a tab to activate the menu bars - I have reset Mozilla and I'm not in full screen. Thanks for any help
The classic menu bar is not displayed by default, so after reboot, it will not appear immediately. To activate the Menu bar, try one of these:
- Right click on an empty area of the tab bar
- Click the "+" button on the tab bar
- Press the Alt key to display the menus temporarily classic bar and then view > toolbars
- in customize, try the button show/hide toolbars
A little luck?
-
My iPhone was stolen. I try to activate the 'find' on iCloud app but my camera is not listed in the topic "all devices". If I select the "settings" app in iCloud, I see my device listed but. How can I get my unit added to the app locate so that I can active lost mode? Thank you.
You can only locate, lock or wipe your device when it is connected to iCloud and "Find my phone" is enabled, in addition the unit must be turned on and connected to a cellular network or wifi.
Unfortunately, you can not activate iCloud or "Find my phone" remotely.
Maybe you are looking for
-
Apple Watch drop connection with Plantronics BackBeat FIT
Hello. I recently bought a pair of headphones Plantronics BackBeat FIT to pair with my Apple Watch wireless via bluetooth. I was easily able to pair the headset with my watch as soon as I started to exercise in the gym, the headphones were disconnect
-
How to disable annoying Simulator of Fn - key in the upper display area
Whenever I move my cursor until the top of the screen (to drag the name of a folder or program for example list) this boring 'key functions Simulator' scrolls down.Is it possible to disable this "feature"? I am a user of windows vista, if it's import
-
What is the drive in a compaq presaario?
I need to know what type of disk interface using the compaq presarios4000nx. IDE, great ide, ata? I want to replace the Maxtor 6E030L0 that is in there now, but I'm not sure what type of replacement drive. any help?
-
Satellite Pro A60 failed to connect to the network after the fashion watch
Satellite Pro A60 running XP Home. When I close the lid it goes mode 5000mAh as set upwards. When I lift the lid, I find that I have to restart to re-establish the connection to the internet through the wireless router. When this happens other comput
-
FYI: El Capitan upgrade - Epson scanner does not work
Re: iMac 27 "(mid-2010) - I thought I'd share the solution to my problem." With Yosemite and with my 12 year old Epson Perfection 3200 Photo scanner worked great! I accessed use Apple's Image Capture utility. After having recently upgraded to El Capi