[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW1] Rule ignored?
Anders, I've always found that to get ICMP to work through the box, it must be explicitly labeled somewhere. No luck on the any rule. I would guess that this behavior is to make sure that IF you want to allow icmp that you use the limited icmp of the firewall (type 3 and type 8) not 11,14, etc. HTH, CT "Reed Mohn, Anders" wrote: > For testing purposes, I added a rule like this, at the top of my rulebase > (rule nr. 2): > > Src: external test-pc > Dest: internal server > Service: Any > Action: Allow > > However, when I tried traceroute or ping from the test machine, > the packets were blocked by this rule (rule nr. 15): > > Src: Any > Dest: internal netw. > Service: Any > Action: Reject > > I then tried changing the test-pc rule to allow instead of reject. Same > thing happened. > Rebooted.. same thing again. > > ??????????????? > > Could this be related to my recent 4.1 SP2 upgrade? > > Cheers, > Anders :) > > ================================================================================ > To unsubscribe from this mailing list, please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================================================ ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|