• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 691
  • Last Modified:

Netscreen 5XT + allowing incoming ping responses

I need to allow ping response so my internal lan boxen can ping internet sites. I understand I need allow ICMP 0,3,11 but I'm having a Dickens of a time figuring out how to do this on a Netscreen. It's making me want to yank this thing out and configure OpenBSD. Can someone please post some sample rules or point me to an online walkthrough? Thanks.
0
Dial_tone
Asked:
Dial_tone
  • 3
1 Solution
 
jabiiiCommented:
are you using cli or webui?
0
 
jabiiiCommented:
WEBUI:
policy from trust to untrust new
source address any
dest address any
service ping
action permit
log
ok

cli
set pol from trust to untrust any any ping permit log
0
 
jabiiiCommented:
you really should refference the KB. and th concepts and examples.


https://www.juniper.net/techpubs/software/screenos/screenos5x/ce_all_5_0.pdf
0

Featured Post

Evaluating UTMs? Here's what you need to know!

Evaluating a UTM appliance and vendor can prove to be an overwhelming exercise.  How can you make sure that you're getting the security that your organization needs without breaking the bank? Check out our UTM Buyer's Guide for more information on what you should be looking for!

  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now