[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW-1] Ping through IPSEC VPN Tunnels?
You have to change the global preferences to Accept ICMP to "Before Last" or something else so that the encryption rule to the sites is the first matching rule for these ICMP packages (and of cause the encryption rule must have "Any" services or include ICMP to allow the ping packages. (The implied rules are just "hidden" rules and are processed the same ways that other rules) I hops this helps / Stefan Alkman Joshua Pickering <[email protected]> To: [email protected] Sent by: Mailing list for discussion cc: of Firewall-1 Subject: [FW-1] Ping through IPSEC VPN Tunnels? <[email protected] point.com> 2003-02-13 22:28 Please respond to Mailing list for discussion of Firewall-1 All, Please excuse the potentially newbie nature of this question. I have 15 WatchGuard SOHO IPSEC routers in the field configured with VPN tunnels back to my firewall (4.1SP5a running on IPSO). I used to be able to ping the inside interfaces (172.16.x.x) of these SOHOs and get a response. I no longer can. What's changed? I'm not sure. In policy properties, I have 'Accept ICMP' set to 'First'. Are there any other settings I should check? Thanks in advance. JP ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
|