ICMP

cancel
Showing results for 
Search instead for 
Did you mean: 

ICMP

Not applicable

When creating an application ID for the ICMP can you specifiy the codes, right now it just seems to cover only the types.

Reason being is that due to security restrictions only certain types of ICMP traffic is allowed to cross one type of ICMP that needs to be allowed it type 3 code 4 which is for the packet fragmentation.

1 ACCEPTED SOLUTION

Accepted Solutions

L4 Transporter

The answer is no. Currently we have an application called PING and an application called ICMP. This is the only granularity at this time. You may be able to create a Custom App that uses the type field to get more specific.

Steve Krall

View solution in original post

3 REPLIES 3

L6 Presenter

May I suggest you take a look at the Zone Protection feature.  The feature can be enable to detect & block ICMP fragmentation.

Thanks.

Thanks for the response, but I guess did not make myself clear enough on what I am trying to accomplish.

With our current firewall we have rules to allow only certain type of ICMP traffic, while the rest will get denied.

internal network --> outside   ***allow the following ICMP types

icmp echo

icmp echo-reply

icmp time-exceeded

icmp source-quench

icmp destination unreachable/fragmentation required, DF flag set (type 3 code 4)

I know I can create an application ID for the different ICMP types, but when you are creating an application type of ICMP it only allows you specify the type, but not the code.  If I am creating an application ID for ICMP for type 3 it would allow all type 3 traffic, but what I want is to only allow type 3 code 4 ICMP packets. All the other ICMP type 3 packets are to be dropped.

L4 Transporter

The answer is no. Currently we have an application called PING and an application called ICMP. This is the only granularity at this time. You may be able to create a Custom App that uses the type field to get more specific.

Steve Krall

View solution in original post

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!