Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
G_W_Albrecht
Legend Legend
Legend
Jump to solution

Ping to 1530 GW from internal net dropped

Customer has a 1530 SMB appliance in Strict policy mode. He uses a manual rule to enable ping to the GW from internal nets. In firmware R80.20.05 (992001134) this works as expected, but in R80.20.10 (992001491) (and maybe since R80.20.05 (992001208)), ping is dropped by the cleanup rule.

Question now is with R&D : Is this a Bug or just a new Design ?

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
1 Solution

Accepted Solutions
G_W_Albrecht
Legend Legend
Legend

No bug - R&D answered:


Well, for now this is new design. Please use IP based rules for such scenarios.

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist

View solution in original post

0 Kudos
3 Replies
PhoneBoy
Admin
Admin

My guess is it’s a bug of some sort.
What does fw ctl zdebug drop say?

0 Kudos
G_W_Albrecht
Legend Legend
Legend

We did not need to ask fw ctl zdebug drop - according to the logs, ping is dropped by the cleanup rule. The rule not working is:

ping.png

If you substitute the GW object by the GW IP it will match...

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
G_W_Albrecht
Legend Legend
Legend

No bug - R&D answered:


Well, for now this is new design. Please use IP based rules for such scenarios.

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events