Wireless Access

Frequent Contributor I

Is svc-icmp all ICMP types?

Does svc-icmp mean all of this:


administratively-proh.. Administratively prohibited
alternate-address       Alternate address
conversion-error        Datagram conversion
dod-host-prohibited     Host prohibited
dod-net-prohibited      Net prohibited
echo                    Echo (ping)
general-parameter-pro.. Parameter problem
host-isolated           Host isolated
host-precedence-unrea.. Host unreachable for precedence
host-redirect           Host redirect
host-tos-redirect       Host redirect for TOS
host-tos-unreachable    Host unreachable for TOS
host-unknown            Host unknown
host-unreachable        Host unreachable
information-request     Information requests
mask-request            Mask requests
mobile-redirect         Mobile host redirect
net-redirect            Network redirect
net-tos-redirect        Net redirect for TOS
net-tos-unreachable     Network unreachable for TOS
net-unreachable         Net unreachable
network-unknown         Network unknown
no-room-for-option      Parameter required but no room
option-missing          Parameter required but not present
packet-too-big          Fragmentation needed and DF set
parameter-problem       All parameter problems
port-unreachable        Port unreachable
precedence              Match packets with given precedence value
precedence-unreachable  Precedence cutoff
protocol-unreachable    Protocol unreachable
reassembly-timeout      Reassembly timeout
redirect                All redirects
router-advertisement    Router discovery advertisements
router-solicitation     Router discovery solicitations
source-quench           Source quenches
source-route-failed     Source route failed
time-exceeded           All time exceededs
timestamp-request       Timestamp requests
traceroute              Traceroute
ttl-exceeded            TTL exceeded
unreachable             All unreachables


Or is it a subset of the common stuff (echo, traceroute, unreachable)?

Frequent Contributor I

Re: Is svc-icmp all ICMP types?

I just did this to be safe:


ip access-list session .allow-ping-traceroute
  user any icmp echo permit
  user any icmp traceroute permit


Mine was host specific though.  Then I applied it to the role.


*I put a . in front of my stuff to distinguish from defaults.

Guru Elite

Re: Is svc-icmp all ICMP types?

It would be all of them (protocol 1).

Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.
Search Airheads
Showing results for 
Search instead for 
Did you mean: