- Products
- Learn
- Local User Groups
- Partners
- More
Maestro Masters
Round Table session with Maestro experts
We are observing PING is reachable to all external IPs that is being destination NATed even though ping is not allowed in their respective policy.The IP's which we add in ARP from webui. Externel user able to ping those IP's. We want to block the icmp request for specifcally those IP's.
I was thinking a rule along the lines something like below:
src -> internal networks (NEGATE), so its everything EXCEPT internal nets
dst -> firewall(s)
service -> whatever needed
action -> block
Andy
How are the corresponding ICMP options in Global properties currently configured?
Currently, it's unchecked for another reason. Is it connected to this issue?
I was thinking a rule along the lines something like below:
src -> internal networks (NEGATE), so its everything EXCEPT internal nets
dst -> firewall(s)
service -> whatever needed
action -> block
Andy
Thanks for your response, sir. We have already done it to ignore the problem.
Good job!
Leaderboard
Epsum factorial non deposit quid pro quo hic escorol.
User | Count |
---|---|
24 | |
4 | |
4 | |
2 | |
2 | |
2 | |
1 | |
1 | |
1 | |
1 |
About CheckMates
Learn Check Point
Advanced Learning
YOU DESERVE THE BEST SECURITY