Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 4 replies
  • Subscribers 2 subscribers
  • Views 4452 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Ethernet Bridge Ping Packet Filtered

CWanamaker
I have an ethernet bridge setup to connect two devices without a DMZ switch. We can ping our firewall and the first device just fine, but the second device fails. When I try to ping the second device from within the UTM, I get the reply:

PING [OUR IP] ([OUR IP]) 56(84) bytes of data.
From [OUR IP]: icmp_seq=1 Packet filtered

Never seen that before. Any ideas how to fix it? I checked PING on and PING through the firewall and both are checked


This thread was automatically locked due to age.
  • 0
    Hi, what do the firewall and IPS logs show?

    Barry
  • 0 in reply to BarryG
    IPS is off at the moment and firewall logs show nothing
  • 0
    Check the IPS log anyways; other things log there too (Portscan, flood protection).

    Barry
  • 0
    Sometime in the last year, Sophos changed the way the selections on the 'ICMP' tab work.  Now, "through" and "forwards" are only for traffic leaving the subnet you're in, but not for traffic leaving any interface that doesn't have a default gateway.  I think this also applies to bridges, so you might need a firewall rule to allow that traffic.

    Do you also have 'Ping from Gateway' checked?

    Cheers - Bob
    PS I wouldn't ever ignore a suggestion from Barry.  ICMP Flood Protection activity also is recorded in the IPS log.
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Cookie Information Banner