NETWORK PRESENCE ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT
 


Search
display results
words begin  exact words  any words part 

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW1] Rule ignored?



Anders,
I've always found that to get ICMP to work through the box, it must be explicitly
labeled somewhere.  No luck on the any rule.  I would guess that this behavior is to
make sure that IF you want to allow icmp that you use the limited icmp of the
firewall (type 3 and type 8)  not 11,14, etc.

HTH,
CT

"Reed Mohn, Anders" wrote:

> For testing purposes, I added a rule like this, at the top of my rulebase
> (rule nr. 2):
>
> Src: external test-pc
> Dest: internal server
> Service: Any
> Action: Allow
>
> However, when I tried traceroute or ping from the test machine,
> the packets were blocked by this rule (rule nr. 15):
>
> Src: Any
> Dest: internal netw.
> Service: Any
> Action: Reject
>
> I then tried changing the test-pc rule to allow instead of reject. Same
> thing happened.
> Rebooted.. same thing again.
>
> ???????????????
>
> Could this be related to my recent 4.1 SP2 upgrade?
>
> Cheers,
> Anders :)
>
> ================================================================================
>      To unsubscribe from this mailing list, please see the instructions at
>                http://www.checkpoint.com/services/mailing.html
> ================================================================================



================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================



 
----------------------------------

ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT SITE MAP LEGAL
   All contents © 2004 Network Presence, LLC. All rights reserved.