Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [FW1] ICMP and UDP

To: "'Chris Arnold'" <[email protected]>, [email protected]
Subject: RE: [FW1] ICMP and UDP
From: Michael Liberte <[email protected]>
Date: Mon, 26 Mar 2001 21:17:16 +0200
Sender: [email protected]

You have to check "accept UDP replies" in policy properties.
You can also check "accept ICMP" to enable echo replies, but I would advise
you to be more restrictive about ICMP,
and create a rule
ANY>>>Internal-NET>>>echo reply & time exceeded>>>>ACCEPT.
HTH
Michael.

-----Original Message-----
From: Chris Arnold [mailto:[email protected]]
Sent: Monday, March 26, 2001 8:12 PM
To: [email protected]
Subject: [FW1] ICMP and UDP



Hmmm...I have a rule for an internal network such that:

Src          Dest Serv Action
internal-net any  any  accept

I used to be able to ping and traceroute out to external hosts but now can
not.  For some reason replies to UDP packets and ICMP echoes are being
dropped by my clean-up rule when they used to get through just fine.  Does
anyone have any thoughts on curing this?  Much thanks in advance for any
help.

Chris


============================================================================
====
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
============================================================================
====


================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

Prev by Date: [FW1] ICMP and UDP
Next by Date: RE: [FW1] ICMP and UDP
Previous by thread: [FW1] ICMP and UDP
Next by thread: RE: [FW1] ICMP and UDP
Index(es):
- Date
- Thread