Hi Sergio, Thanks for the reply. As it happens, it was on the 10.157.62.65 network. We originally were utilizing traffic to flow the other direction, but NAT'd, so it was set to a outside interface on the switch. We removed this, and then everything worked as expected. I unfortunately, didn't have access to that switch to look at it, so it took them a bit to track down the issue. Thanks again. -Lyle
_____ From: Sergio Alvarez [mailto:[EMAIL PROTECTED] Sent: Thursday, September 13, 2007 9:23 AM To: Dove, Lyle Subject: Re: [fw1-gurus] ICMP Error First of all I don't believe you will find a solution within SmartDefense because the "Product" that generated the drop was not SmartDefense but "VPN-1 Power/UTM", which means just the firewall module. Now, about the situation itself, are you trying to actually ping from one side of the firewall to the other? Is any of those an "external" interface? (the src and dst IPs are both 10 addresses, which doesn't give any info) Are you just concerned about seeing the message but not really having problems with ICMP traffic generated by you or a particular application? ICMP type 0 is an "echo reply", which means the source machine received an "echo request" at some point and replied with the packet seen and drop by your firewall. Without really knowing anything about the scenario, I'm thinking maybe you have a routing issue some where, the 10.157.62.65 <http://10.157.62.65/> machine received the "echo request" form another ip range (not behind your firewall) but it replied sending the packet to the firewall because it is its default gateway. Regards On 9/12/07, Dove, Lyle <[EMAIL PROTECTED]> wrote: I have been receiving this error, and I can't find where to determine how to resolve it. Here's a snapshot from my log of the error. _____ Number: 2549 Date: 12Sep2007 Time: 10:44:23 Product: VPN-1 Power/UTM Interface: eth3 Origin: x.x.x.x Type: Log Action: Drop Source: 10.157.62.65 Destination: 10.88.10.254 Protocol: icmp SmartDefense Profile: Default_Protection Information: ICMP: Echo Reply ICMP Type: 0 ICMP Code: 0 message_info: ICMP reply does not match a previous request _____ I've looked in my smartdefense tab, and coudn't find where to adjust this. This might not be where to resolve the issue, but thats where I've started. Or is this caused by something else. Thoughts? -Lyle This E-mail and any of its attachments may contain Time Warner Cable proprietary information, which is privileged, confidential, or subject to copyright belonging to Time Warner Cable. This E-mail is intended solely for the use of the individual or entity to which it is addressed. If you are not the intended recipient of this E-mail, you are hereby notified that any dissemination, distribution, copying, or action taken in relation to the contents of and attachments to this E-mail is strictly prohibited and may be unlawful. If you have received this E-mail in error, please notify the sender immediately and permanently delete the original and any copy of this E-mail and any printout. _______________________________________________ fw1-gurus mailing list [EMAIL PROTECTED] http://lists.lists.phoneboy.com/mailman/listinfo/fw1-gurus -- Sergio Alvarez (506)8301342 ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
