Hi, > I am using Checkpoint FW 1 > How do I make a rule to allow ICMP Destination Unreachable subtype > "Fragmention Needed # 4" to go thr'. > Checkpoint does not seem to let me specify subtypes. If you go to the Services Manager in the GUI and select ICMP - you will see the subtypes predefined by Check Point. I don't know the type by heart at the moment, but you can define the type you need by choosing the substring from this specific packet and define a new ICMP Service. If you don't have the literature, a sniffer may help. Try to compare it with the other (predefined) ICMP Services. Hope it helps at least a little bit. Best regards Matthias
begin:vcard n:Leu;Dr. Matthias tel;cell:+49 172 8943533 tel;fax:+49 89 697 59 396 tel;work:+49 89 697 59 390 x-mozilla-html:FALSE url:http://www.aerasec.de org:AERAsec Network Services and Security GmbH (iG) adr:;;Wagenberger Str. 1;Hohenbrunn b. Muenchen;;D-85662;Germany version:2.1 email;internet:[EMAIL PROTECTED] fn:Dr. Matthias Leu end:vcard
