Hi,
Currently I have problem to set up the ICMP protocol in my firewall
policy set. I set up the properties for ACCEPT ICMP under security policy
for "before last", then I setup another rule for NO Internal Network Any
ICMP-Protol Drop. However after I pushed the policy, the Internal Network
can't run ICMP related command, such as PING or TRACEROUTE. If I remove that
No internal network drop for the ICMP, I can run the ICMP related command,
unfortunately everybody in the internet can run the ICMP related command as
well. Any suggestion will be great appreciated!
Thanks,
Irene
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
