Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Fernandosilva
Explorer

ICMP Traffic from internal network to remote network VPN SSL

Hello!

 

In our environment we use VPN SSL with IP Office mode to acces the resources of the company.

Scenario;

1- User in your home access URL https://vpncompanie.my.com.br (in your personal computer).

2- An IP address is assigned to your personal computer;

1.png 

When I ping this VPN SSL IP: 10.216.192.1 from my internal network company to external personal PC of the user the ICMP is droped.2.png

 

How Can I enable this ping, from  my internal network company to external personal PC on VPN SSL?

0 Kudos
4 Replies
AlejandroH
Ambassador
Ambassador

Looks like there is a rule in your access policy that doesn’t allow for icmp-proto service to pass through. The rule name seems to be “unauthorized SSL VPN traffic”. You can check there. 

0 Kudos
Fernandosilva
Explorer

I don't found this rule because is a implicit rule.

0 Kudos
AlejandroH
Ambassador
Ambassador

It looks like this rule here is the one causing you problems, and it is not part of the implicit rules.  There is a good chance when you go to that rule, there is a icmp service defined as part of a drop.

2021-02-08 16_30_23-Window.png

0 Kudos
the_rock
Champion
Champion

It says "Map rules" and name is Unauthorized ssl vpn traffic...can you show us what that rule looks like? Appears thats whats actually blocking the traffic.

 

Andy

0 Kudos