Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
G_W_Albrecht
Legend
Legend

Ping to 1530 GW from internal net dropped

Jump to solution

Customer has a 1530 SMB appliance in Strict policy mode. He uses a manual rule to enable ping to the GW from internal nets. In firmware R80.20.05 (992001134) this works as expected, but in R80.20.10 (992001491) (and maybe since R80.20.05 (992001208)), ping is dropped by the cleanup rule.

Question now is with R&D : Is this a Bug or just a new Design ?

0 Kudos
1 Solution

Accepted Solutions
G_W_Albrecht
Legend
Legend

No bug - R&D answered:


Well, for now this is new design. Please use IP based rules for such scenarios.

View solution in original post

0 Kudos
3 Replies
PhoneBoy
Admin
Admin

My guess is it’s a bug of some sort.
What does fw ctl zdebug drop say?

0 Kudos
G_W_Albrecht
Legend
Legend

We did not need to ask fw ctl zdebug drop - according to the logs, ping is dropped by the cleanup rule. The rule not working is:

ping.png

If you substitute the GW object by the GW IP it will match...

0 Kudos
G_W_Albrecht
Legend
Legend

No bug - R&D answered:


Well, for now this is new design. Please use IP based rules for such scenarios.

View solution in original post

0 Kudos