Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 4 replies
  • Subscribers 2 subscribers
  • Views 4435 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Ethernet Bridge Ping Packet Filtered

CWanamaker
I have an ethernet bridge setup to connect two devices without a DMZ switch. We can ping our firewall and the first device just fine, but the second device fails. When I try to ping the second device from within the UTM, I get the reply:

PING [OUR IP] ([OUR IP]) 56(84) bytes of data.
From [OUR IP]: icmp_seq=1 Packet filtered

Never seen that before. Any ideas how to fix it? I checked PING on and PING through the firewall and both are checked


This thread was automatically locked due to age.
Parents
  • 0
    Sometime in the last year, Sophos changed the way the selections on the 'ICMP' tab work.  Now, "through" and "forwards" are only for traffic leaving the subnet you're in, but not for traffic leaving any interface that doesn't have a default gateway.  I think this also applies to bridges, so you might need a firewall rule to allow that traffic.

    Do you also have 'Ping from Gateway' checked?

    Cheers - Bob
    PS I wouldn't ever ignore a suggestion from Barry.  ICMP Flood Protection activity also is recorded in the IPS log.
Reply
  • 0
    Sometime in the last year, Sophos changed the way the selections on the 'ICMP' tab work.  Now, "through" and "forwards" are only for traffic leaving the subnet you're in, but not for traffic leaving any interface that doesn't have a default gateway.  I think this also applies to bridges, so you might need a firewall rule to allow that traffic.

    Do you also have 'Ping from Gateway' checked?

    Cheers - Bob
    PS I wouldn't ever ignore a suggestion from Barry.  ICMP Flood Protection activity also is recorded in the IPS log.
Children
No Data