Results 1 to 4 of 4
  1. #1
    Join Date
    Dec 2020

    Default Block ICMP to VLAN's default gateways


    I have a few 'untrusted' VLANs such as guest WiFi network that I wish to prevent access to other 'trusted' networks. Using
    • Network > Advanced > Access Rules
    • Network > Filter Rules
    • Administration > Admin > Restrict Administration Subnet(s),

    I have managed to blocked HTTPS traffic to the admin portal and ICMP to other devices, however, I am still unable to block ICMP to the Untangle VLAN's default gateways. i.e. when connected to the guest WiFi, I can ping each VLANs default gateway.

    My access rule and Filter rule look like:

    Source Interface =>"Guest WiFi VLAN"
    Destination Interface => "Any Non-WAN"

    I've read a few posts where people have set:
    Source Interface => "Any Non-WAN"
    Destination Interface => "Any Non-WAN"

    But, to me, this will lock me out.

    I've given it several hours and rebooted, but I am still able to ping, so I don't believe it's a session issue.

    Any suggestions will be gratefully received.


  2. #2
    Join Date
    Jan 2019


    Traffic to UT is handled using Network > Advanced > Access Rules (as you mentioned).

    You need to add a rule that "blocks" ICMP.

    There is a default rule that allows ICM> Make sure you put yours at the top as the rules are evaluated top to bottom.

  3. #3
    Join Date
    Dec 2020


    Thanks LaurantR, I forgot to mention that these rules are right at the top.

  4. #4
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Phoenix, AZ


    Welcome to Linux...

    The Kernel doesn't care what IP is on the platform, they're all the same. Your access rules will never prevent ping, unless you block it entirely. The rules you've posted are plenty to prevent access to things beyond Untangle. But, you'll always be able to ping all IP addresses on Untangle, if you can ping any of them.

    Because again... Linux.
    Rob Sandling, BS:SWE, MCP
    Phone: 866-794-8879 x201

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts

SEO by vBSEO 3.6.0 PL2