Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Control » Traffic rule for ICMP ping on WAN?
  •  
ericbullock

Messages: 41
Karma: 1
Send a private message to this user
I need a little help. I am troubleshooting an issue with an ISP and they have requested that they be able ping the WAN interface. How can I create a traffic rule that gives them what they need but still maintains some semblance of security?

This is a temporary thing. I will disable the rule once we are finished troubleshooting.

Thanks!
  •  
Brian (GFI/Kerio)

Messages: 749
Karma: 71
Send a private message to this user
One of the first rules I create on every installation is a rule that allows ping, but everyone has their preference. The rule looks like this:
Source:Any
Destination: Firewall
Service: Ping
Action: Allow
Translation: None

Brian Carmichael
Instructional Content Architect
  •  
ericbullock

Messages: 41
Karma: 1
Send a private message to this user
Thanks Brian. That is more or less how I had the rule defined.

Wink
  •  
ericbullock

Messages: 41
Karma: 1
Send a private message to this user
Would you mind commenting on WHY you create this rule on every Control installation? I'm curious. I would think that is something you would only do for testing purposes...then turn it off.
  •  
Brian (GFI/Kerio)

Messages: 749
Karma: 71
Send a private message to this user
I like to have it open all the time so I can verify connectivity in case I'm not able to access the administration to temporarily enable the rule. Some may feel that it's insecure to allow ping requests. It's a matter of personal preference.

Brian Carmichael
Instructional Content Architect
Previous Topic: disconnect WAN - PPPoE
Next Topic: Kerio control latency issue
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Tue Sep 26 22:03:59 CEST 2017

Total time taken to generate the page: 0.00410 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.