Project Info:

This is a Networking project for configuring Cisco Adaptive Security Virtual Appliance (ASAv) Firewall to allow Internet Control Message Protocol (ICMP) Traffic.

Project Details:

The Internet Control Message Protocol (ICMP) traffic on a Cisco Adaptive Security Appliance (ASAv) is allowed by default from a higher security level to a lower security level. In this project, I explained how return traffic is permitted without requiring an Access Control List (ACL). For stateful TCP traffic, return traffic is allowed when initiated from the inside. However, to enable pinging from an internal host to an external destination, you must configure the appliance either with the "inspect icmp" statement in the global policy map or by setting up an ACL to allow echo-reply.