[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [FW1] FW: Firewall-1 Mailinglist Digest V1 #1676
If you don't allow icmp-proto or echo-request inbound to your network, people cannot ping in. To allow outbound pings, you need to allow echo-request going out, and echo-reply back in. local_net * ANY * echo-request * accept ANY * local_net * echo-reply * accept ANY * ANY * icmp-proto * drop Doug Johnson Sr. Network Engineer ------------------------------ Date: Thu, 22 Mar 2001 19:35:48 -0800 From: Tony Wong <[email protected]> Subject: [FW1] blocking inbound icmp How can i block any icmp from the internet to my firewall and allow = icmp out from the internal network? - ------ ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|