Results 1 to 4 of 4
  1. #1
    Untangler
    Join Date
    Jan 2021
    Posts
    92

    Default Firewall not blocking ICMP

    I have a firewall rule setup to block all traffic if my VPN tunnel is down. It seems to be working for the most part but ICMP is not blocked. I figured all traffic would be blocked. I'm not specifying any protocols, but I did create a test rule blocking ICMP and it still wasn't blocked. Is this normal behavior?

    2022-09-07 09_25_36-Untangle - untangle715 - Brave.png

    2022-09-07 09_24_12-Untangle - untangle715 - Brave.png

  2. #2
    Untangler jcoffin's Avatar
    Join Date
    Aug 2008
    Location
    Lake Tahoe
    Posts
    9,756

    Default

    Quote Originally Posted by MP715 View Post
    I have a firewall rule setup to block all traffic if my VPN tunnel is down. It seems to be working for the most part but ICMP is not blocked. Is this normal behavior?
    https://forums.untangle.com/ng-firew...tml#post255093
    Last edited by jcoffin; 09-07-2022 at 08:21 AM.
    MP715 likes this.
    Attention: Support and help on the Untangle Forums is provided by
    volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

  3. #3
    Untangler
    Join Date
    Jan 2021
    Posts
    92

    Default

    Quote Originally Posted by jcoffin View Post
    Quote Originally Posted by MP715 View Post
    I have a firewall rule setup to block all traffic if my VPN tunnel is down. It seems to be working for the most part but ICMP is not blocked. Is this normal behavior?
    https://forums.untangle.com/ng-firew...tml#post255093
    Got it. Thanks for your reply. I'm really bad at searching the forums before posting! So, I should have used Filter Rules all along and no longer need those firewall rules above? It's working great!
    Last edited by MP715; 09-07-2022 at 08:27 AM.

  4. #4
    That Which Lurks Below
    Join Date
    Jul 2018
    Posts
    134

    Default

    Quote Originally Posted by MP715 View Post
    …I should have used Filter Rules all along and no longer need those firewall rules above?
    I recommend comparing the conditions available in Filter Rules with those available to the Firewall app. If a rule can be created in Filter Rules, it should be. They're best at blocking any layer-3 attributes: IP addresses, interfaces, &c. ('Anything based on a number', I usually say.)

    In most cases, the Firewall app is used for:
    • geo-IP blocking, used to block traffic to or from whole countries
    • username-based blocking, including blocking based on AD groups
    MP715 likes this.
    Græme Ravenscroft • Technical Marketing Engineer
    ('gram', like the unit of measurement)
    he/him
    Please don't reboot your NGFW.
    How can we make Arista ETM products better?

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2