Allow Cisco ASA firewall show traceroutes hops

To allow the ASA show in traceroutes hops you do the following

icmp unreachable rate-limit 10 burst-size 5
# Adjust ICMP unreachable replies:
# The default is rate-limit 1 burst-size 1.
# The default will result in timeouts for the ASA hop:

policy-map global_policy
class class-default
set connection decrement-ttl
# Decrement the IP TTL field for packets traversing the firewall.
# By default, the TTL is not decremented, hiding (somewhat) the firewall.

Reference:

https://learningnetwork.cisco.com/thread/63575