Wireless Access

Reply
Frequent Contributor I
Posts: 91
Registered: ‎08-10-2015

Is svc-icmp all ICMP types?

Does svc-icmp mean all of this:

 

administratively-proh.. Administratively prohibited
alternate-address       Alternate address
conversion-error        Datagram conversion
dod-host-prohibited     Host prohibited
dod-net-prohibited      Net prohibited
echo                    Echo (ping)
general-parameter-pro.. Parameter problem
host-isolated           Host isolated
host-precedence-unrea.. Host unreachable for precedence
host-redirect           Host redirect
host-tos-redirect       Host redirect for TOS
host-tos-unreachable    Host unreachable for TOS
host-unknown            Host unknown
host-unreachable        Host unreachable
information-request     Information requests
mask-request            Mask requests
mobile-redirect         Mobile host redirect
net-redirect            Network redirect
net-tos-redirect        Net redirect for TOS
net-tos-unreachable     Network unreachable for TOS
net-unreachable         Net unreachable
network-unknown         Network unknown
no-room-for-option      Parameter required but no room
option-missing          Parameter required but not present
packet-too-big          Fragmentation needed and DF set
parameter-problem       All parameter problems
port-unreachable        Port unreachable
precedence              Match packets with given precedence value
precedence-unreachable  Precedence cutoff
protocol-unreachable    Protocol unreachable
reassembly-timeout      Reassembly timeout
redirect                All redirects
router-advertisement    Router discovery advertisements
router-solicitation     Router discovery solicitations
source-quench           Source quenches
source-route-failed     Source route failed
time-exceeded           All time exceededs
timestamp-request       Timestamp requests
traceroute              Traceroute
ttl-exceeded            TTL exceeded
unreachable             All unreachables

 

Or is it a subset of the common stuff (echo, traceroute, unreachable)?

Frequent Contributor I
Posts: 91
Registered: ‎08-10-2015

Re: Is svc-icmp all ICMP types?

I just did this to be safe:

 

ip access-list session .allow-ping-traceroute
  user any icmp echo permit
  user any icmp traceroute permit

 

Mine was host specific though.  Then I applied it to the role.

 

*I put a . in front of my stuff to distinguish from defaults.

Guru Elite
Posts: 21,029
Registered: ‎03-29-2007

Re: Is svc-icmp all ICMP types?

It would be all of them (protocol 1).



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Search Airheads
Showing results for 
Search instead for 
Did you mean: