Tag Archives: 400-101 vce
I’m trying to have my asa 5505 to inspect icmp traffic so im able to ping an address.
I’m following the netacad lab manual
so in config mode
The error comes back it doesn’t recognise the inspect command.
I used the ? command to view and inspect doesn’t appear.
What have I missed ?
Any help would be really appreciated.
It depends on what version of code you are running. Did you follow this config example below?
I have exactly the suggest config applied here (version 8.4(4)). Configure ASDM to show the commands that are going to be applied to the device, then configure ICMP inspect using ASDM so you can see the command that is being used. Its a good way to learn the correct commands.
Reply: I’m running asa 9.1 (5)
I tried the config example, but as I type inspect it states its an unrecognised command.
: Have you tried all this:
policy-map type inspect dns preset_dns_map
message-length maximum 512
service-policy global_policy global
Reply: Thanks for your reply, that didn’t seem to work either.In the end I tried fixup protocol icmp Which seems to have worked.
: Ok, but fixup is old configuration. It’s deprecated. We should know why its not working with class-map.You the commands I sent and received the same error?
Reply: Yes I did.it just stated that the inpect command was unrecognised. so I tried fixup and it seems to be working ok. should I try your commands again ? but what im really keen to understand is why the ios didn’t recognise the command in the first place.
: The inspect command must be executed inside policy-map/ class construction, maybe this is the error.
That’s why i told you to put all the commands i sent, in that order.
Reply: Yes I did that, but it stated it didn’t recognise the inspect command. That’s why I tried the fixup command.