[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: [FW1] icmp through fw-1
Thapedi, You might be stating the "icmp-proto" service, which is not exactly what you need. Try specifically using "icmp echo-request" and "icmp echo-reply", that should work. Regards, Matthew Tam HP Consulting mailto: [email protected] tel: (852) 2599-7403 fax: (852) 2506-9259 -----Original Message----- From: Thaps Matsabu [mailto:[email protected]] Sent: Wednesday, December 20, 2000 2:55 PM To: 'fw-1-mailinglist (e-mail)' Subject: [FW1] icmp through fw-1 Hi, I am trying to allow only one host to ping though my firewall, while dropping all other icmp connections. I disabled ICMP on the properties and added an ICMP rule in my rule base with my host as source and destination any, but it didn't working. I also tried enabling ICMP (accept last) on the properties and changed my last rule (drop all) to "drop all except my "host" still didn't work. It only works when I allow ICMP in the properties with either first or last (because I have droll all rule as my last rule). Your help is highly appreciated, Regards, Thapedi Matsabu PQ Africa - IPNOC (SAA) [email protected] Tel:Fax:*********************************************************************** Important: This e-mail and its attachments are intended for the above named only and may be confidential. If they have come to you in error you must take no action based on them, nor must you copy or show them to anyone. If you have received this communication in error please notify the sender by e-mail, or by telephone and then delete the e-mail and any copies of it. Although this e-mail and its attachments are believed to be free from any virus, it is the responsibility of the recipient to ensure that they are virus free. *********************************************************************** "Only when lions have historians will hunters cease being heroes." ============================================================================ ==== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ============================================================================ ==== ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|