Hi Rene,
Please help, I lab it up and it is not working. As shown in the show command below there is no icmp packet seen.
R2#show policy-map type inspect zone-pair
policy exists on zp LAN-TO-WAN
Zone-pair: LAN-TO-WAN
Service-policy inspect : LAN-TO-WAN
Class-map: ICMP (match-all)
Match: protocol icmp
Inspect
Session creations since subsystem startup or last reset 0
Current session counts (estab/half-open/terminating) [0:0:0]
Maxever session counts (estab/half-open/terminating) [0:0:0]
Last session created never
Last statistic reset never
Last session creation rate 0
Maxever session creation rate 0
Last half-open session total 0
Class-map: class-default (match-any)
Match: any
Drop
0 packets, 0 bytes
R2#show run
Building configuration...
Current configuration : 1388 bytes
!
upgrade fpd auto
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R2
!
boot-start-marker
boot-end-marker
!
logging message-counter syslog
!
no aaa new-model
ip source-route
no ip icmp rate-limit unreachable
ip cef
!
!
!
!
no ip domain lookup
no ipv6 cef
!
multilink bundle-name authenticated
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
archive
log config
hidekeys
!
!
!
!
!
ip tcp synwait-time 5
!
class-map type inspect match-all ICMP
match protocol icmp
!
!
policy-map type inspect LAN-TO-WAN
class type inspect ICMP
inspect
class class-default
drop
!
zone security LAN
zone security WAN
zone-pair security LAN-TO-WAN source LAN destination WAN
service-policy type inspect LAN-TO-WAN
bridge crb
!
!
!
!
interface FastEthernet0/0
no ip address
zone-member security LAN
duplex auto
speed auto
bridge-group 1
!
interface FastEthernet0/1
no ip address
zone-member security WAN
duplex auto
speed auto
bridge-group 1
!
ip forward-protocol nd
no ip http server
no ip http secure-server
!
!
!
no cdp log mismatch duplex
!
!
!
!
!
!
control-plane
!
bridge 1 protocol ieee
!
!
!
!
!
!
gatekeeper
shutdown
!
!
line con 0
exec-timeout 0 0
privilege level 15
logging synchronous
stopbits 1
line aux 0
exec-timeout 0 0
privilege level 15
logging synchronous
stopbits 1
line vty 0 4
login
!
end