Am I Missing Something? Firewall rule not blocking tracert

Question

UTM 9.3 Software version

Onboard NIC - WAN
Dual NIC Card - Internal Networks.

I have just set up and activated the second internal network. I want to keep the two segmented and understood this was by default. However, when I tracert a device on network one I get a response from the firewall and the device. Looking I have created a rule to drop anything from network one to network two but still the tracert succeeds. Looking at a live log I see the packets dropped, but I still get a successful tracert.

Am I missing something here?

This thread was automatically locked due to age.

BAlfson · Accepted Answer

Hi, KJV, and welcome to the UTM Community! yes, you are missing the 'ICMP' tab in 'Network Protection >> Firewall' that is considered first. See the https://www.astaro.org/gateway-products/general-discussion/49065-rulz.html to understand why. Cheers - Bob 
 PS I edited the title of your thread so that it connects with the content of your question.