This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Ethernet Bridge Ping Packet Filtered

I have an ethernet bridge setup to connect two devices without a DMZ switch. We can ping our firewall and the first device just fine, but the second device fails. When I try to ping the second device from within the UTM, I get the reply:

PING [OUR IP] ([OUR IP]) 56(84) bytes of data.
From [OUR IP]: icmp_seq=1 Packet filtered

Never seen that before. Any ideas how to fix it? I checked PING on and PING through the firewall and both are checked

This thread was automatically locked due to age.

0 BarryG over 10 years ago

Hi, what do the firewall and IPS logs show?

Barry
Cancel
Vote Up 0 Vote Down

Cancel
0 CWanamaker over 10 years ago in reply to BarryG

IPS is off at the moment and firewall logs show nothing
Cancel
Vote Up 0 Vote Down

Cancel
0 BarryG over 10 years ago

Check the IPS log anyways; other things log there too (Portscan, flood protection).

Barry
Cancel
Vote Up 0 Vote Down

Cancel
0 BAlfson over 10 years ago

Sometime in the last year, Sophos changed the way the selections on the 'ICMP' tab work. Now, "through" and "forwards" are only for traffic leaving the subnet you're in, but not for traffic leaving any interface that doesn't have a default gateway. I think this also applies to bridges, so you might need a firewall rule to allow that traffic.

Do you also have 'Ping from Gateway' checked?

Cheers - Bob
PS I wouldn't ever ignore a suggestion from Barry. ICMP Flood Protection activity also is recorded in the IPS log.
Cancel
Vote Up 0 Vote Down

Cancel