I want to allow ping replies on ppp1 in the fw script, how do I do that?

jserink · August 30, 2016, 2:30am

I’ve tried this:
pass in break end on ppp 1 proto icmp icmp-type echorep code 0

But it does not work.

Any tips?

Cheers,
John

NicholasWilson · August 30, 2016, 2:52am

Try the following. You don’t want an inbound rule because you only want the matched reply.

pass out break end on ppp 1 proto icmp from addr-ppp 1 icmp-type echo inspect-state

jserink · August 30, 2016, 3:14am

I got this to work actually doing this:
pass in break end proto icmp icmp-type echo

I have to let the ping IN before the router can answer it.

This was the only line I had to add to make it work. Since I only enable the FW on the ppp1 interface, I can leave that part of it out.

Cheers,
John

Topic		Replies	Views
(WR21) How do you disable PING replies on the WAN? Digi TransPort WR (Series) ping , block-ping	2	319	December 9, 2020
How do you block all wan pings except for ones from specific IPs? Digi TransPort WR (Series) digi , transport , firewall , wr31	1	393	August 15, 2018
Ca I have a specific FW script for use on a specific interface? Digi TransPort WR (Series) firewall , qos	30	1794	May 17, 2018
How to prevent a ping flood Digi TransPort WR (Series) ping , rate-limit	2	596	April 23, 2018
Why do pings time out from devices connected to my WR21 Digi TransPort WR (Series) transport	4	1040	November 21, 2014