Solved

How to allow ICMP traffice through Sonicwall TZ100 firewall

Posted on 2012-03-23
3
8,061 Views
Last Modified: 2012-05-09
Our new ISP needs us to allow ICMP traffic in our firewall to our wan IP Address from their monitoring IP address blocks so they can monitor and ping our circuit.

How is this done? Any help is appreciated.

Thanks.
0
Comment
Question by:Terrace
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 5

Assisted Solution

by:andrew1812
andrew1812 earned 100 total points
ID: 37759868
Configure an inbound ACL which permits ICMP traffic on to the WAN interface of the firewall.
0
 
LVL 11

Assisted Solution

by:Khandakar Ashfaqur Rahman
Khandakar Ashfaqur Rahman earned 100 total points
ID: 37759882
Firewall>Access Rule then add a rule:

Action: Allow
From Zone: Select your zone
To: WAN
Service: ICMP
Source: Create network for some specific IP otherwise select all WAN
Destination: WAN Interface IP
0
 
LVL 3

Accepted Solution

by:
Konsultant earned 300 total points
ID: 37767539
Hi,

Go to:
1. Network
2. Interfaces
3. Select X1 WAN then click on the Edit icon at the end of the line. This will bring interface configuration screen. Then select PING check box.

To implement ACL from their address block you need to create an WAN type address object. Perhaps even address object group.

Then find NAT Policy which says X1 and PING add created address object to the Source/Original. Now you have "Any" so anybody can ping you.

Good luck!

P.S. The latest firmware offers some dedicated  features to limit management access and ping. I never looked at it.
1

Featured Post

Is your NGFW recommended by NSS Labs?

Ours is! NSS Labs Next Generation Firewall Test gives the WatchGuard Firebox M4600 a "Recommended" rating! Curious where your NGFW landed on the  Security Value Map? See the map and download the full report today!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this tutorial I will show you with short command examples how to obtain a packet footprint of all traffic flowing thru your Juniper device running ScreenOS. I do not know the exact firmware requirement, but I think the fprofile command is availab…
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…

691 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question