icmp unreachable rate-limit 10 burst-size 5
# Adjust ICMP unreachable replies:
# The default is rate-limit 1 burst-size 1.
# The default will result in timeouts for the ASA hop:
policy-map global_policy
class class-default
set connection decrement-ttl
# Decrement the IP TTL field for packets traversing the firewall.
# By default, the TTL is not decremented, hiding (somewhat) the firewall.
Reference:
No comments:
Post a Comment