  1. #1
    Untangler
    Join Date
    Sep 2019
    Location
    Canada
    Posts
    39

    ICMP between two internal vlans

    I have two internal vlans on my firewall. I want to allow ICMP packets from vlan A going to vlan B. I created the rules in the firewall filter app and also in the network filter in the settings. I've tried the following for both as rules:

    1. source interface A to interface B, prot ICMP
    2. source address 192.168.0.0/24 dest address 192.168.1.0/24, port ICMP
    3. source interface A to interface B

    I can connect to other services such as RDP and ssh across my vlan via the rules I have in place that allow it. It just seems that ICMP packets are blocked somewhere. It doesn't show up in the filter event logs.

    The reason I am doing this is to do discovery scans with my vuln scanner.

  2. #2
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    24,959

    Untangle doesn't block anything between VLANs by default; you had to configure a block to make that behavior happen.

    We'd need screenshots of the rules themselves to really assist any further. The above rules seem logically sound; perhaps you simply forgot to make sure the pass rules were above the block rule in the list?
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  3. #3
    Untangler
    Join Date
    Sep 2019
    Location
    Canada
    Posts
    39

    Those are literally the only rules I have enabled right now to troubleshoot. I have double-checked if any of the "blocking" boxes are checked and they are not.

    Update: I actually deleted all rules, and still no go.
    Last edited by propellherhead333; 04-09-2020 at 11:33 AM.

  4. #4
    Untangler
    Join Date
    Sep 2019
    Location
    Canada
    Posts
    39

    Resolved

    Disabling all rules and then re-enabling them resolved my issue. Kind of odd.

    Also, when I re-enabled my rules as above, they were ignored. Things that I am blocking and verified as checked off were not blocking. I rebooted the firewall and everything worked as expected. So it seems the firewall filters were not enabled or updated as per the GUI until a reboot.
    Last edited by propellherhead333; 04-09-2020 at 12:15 PM.
