We are using an Altavista Firewall 98 and wanted to allow our
users to ping IP addresses through the firewall. Therefore we
added the following statements to the gated.conf and restarted
gated:
from interface red to interface blue icmp type 0 proxy log;
from interface red to interface blue icmp type 3 proxy log;
from interface red to interface blue icmp type 11 proxy log;
from interface blue to interface red icmp type 8 proxy log;
Our users are now able to ping the cable modems in the net
behind the firewall but the result is always the following
whether the cable modem is online or not:
Pinging 10.186.82.85 with 32 bytes of data:
Reply from 10.186.82.85: bytes=32 time<10ms TTL=64
Reply from 10.186.82.85: bytes=32 time=10ms TTL=64
Reply from 10.186.82.85: bytes=32 time<10ms TTL=64
Reply from 10.186.82.85: bytes=32 time<10ms TTL=64
Ping statistics for 10.186.82.85:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 10ms, Average = 2ms
But this cable modem was not online at the moment of the
ping! That is for sure because I unplugged it myself. :o) If
I ping this unplugged modem from the firewall I get the correct
response. Somehow the result is changed by the firewall on the
way to the client but I do not know how.
Do I have to chnage something in the gated.conf as well? I
know that there is a section named ICMP in the gated.conf but
it contains nothing. It looks like this:
ICMP {
};
Any suggestions? Does anyone have ICMP running through an
Altavista Firewall 98?
Thank you very much in advance!
Kind regards,
Christoph Roevenich B.S.
UPC Telekabel
IT Systems Management
Erlachgasse 116
A-1100 Wien
T +43 (1) 96068-1686
F +43 (1) 96068-1555
E [EMAIL PROTECTED]
