| |
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [FW-1] Ping through IPSEC VPN Tunnels?
You have to change the global preferences to Accept ICMP to "Before Last"
or something else so that the encryption rule to the sites is the first
matching rule for these ICMP packages (and of cause the encryption rule
must have "Any" services or include ICMP to allow the ping packages.
(The implied rules are just "hidden" rules and are processed the same ways
that other rules)
I hops this helps
/ Stefan Alkman
Joshua Pickering
<[email protected]> To: [email protected]
Sent by: Mailing list for discussion cc:
of Firewall-1 Subject: [FW-1] Ping through IPSEC VPN Tunnels?
<[email protected]
point.com>
2003-02-13 22:28
Please respond to Mailing list for
discussion of Firewall-1
All,
Please excuse the potentially newbie nature of this question. I have 15
WatchGuard SOHO IPSEC routers in the field configured with VPN tunnels back
to my firewall (4.1SP5a running on IPSO). I used to be able to ping the
inside interfaces (172.16.x.x) of these SOHOs and get a response. I no
longer can. What's changed? I'm not sure. In policy properties, I have
'Accept ICMP' set to 'First'. Are there any other settings I should check?
Thanks in advance.
JP
=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================
|
|
