This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
pizzaprophet
Participant
‎2024-11-17 07:11 AM
Jump to solution

Gaia 81.10/Quantum 6200: Can I drop ICMP redirect packets without logging?

My firewall gets a lot of ICMP requests that are dropped (reason: ICMP redirect packets are not allowed). Is it possible to have them dropped without logging?

icmp_redirect.png
Preview file
32 KB
0 Kudos
1 Solution

Accepted Solutions
G_W_Albrecht
Legend Legend
Legend
‎2024-11-20 05:42 AM
Jump to solution

Yes, see https://support.checkpoint.com/results/sk/sk112772 for allowing ICMP redirect packets - then an Access policy as suggested by PhoneBoy will work!

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist

View solution in original post

5 Replies
PhoneBoy
Admin
Admin
‎2024-11-18 05:33 AM
Jump to solution

Yes you should be able to create an Access Policy rule that does this.
The Track field for this rule should contain “None.”

0 Kudos
pizzaprophet
Participant
‎2024-11-19 04:30 AM
In response to PhoneBoy
Jump to solution

seems like this doesn't work. ICMP rediret packets are dropped (and logged) before my policies are applied?

0 Kudos
PhoneBoy
Admin
Admin
‎2024-11-19 11:00 AM
In response to pizzaprophet
Jump to solution

What precise rule is it logging on?
If it's Rule 0, check the Implied Rules in Global Properties.


image.png

0 Kudos
pizzaprophet
Participant
‎2024-11-20 04:51 AM
In response to PhoneBoy
Jump to solution

It's not an implied rule. See the screenshot in my first post, it says "Policy Name: Standard", and no rule number

0 Kudos
G_W_Albrecht
Legend Legend
Legend
‎2024-11-20 05:42 AM
Jump to solution

Yes, see https://support.checkpoint.com/results/sk/sk112772 for allowing ICMP redirect packets - then an Access policy as suggested by PhoneBoy will work!

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events
    Top