Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Allow ICMP but answer from server

    Firewalling
    2
    4
    282
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • O
      Operations
      last edited by

      I have got an IPV4 /29 block and my ISP external address. I have allowed ICMP (ping) so i can check if server is running (with a source address) but when i ping an external address my PfSense replies (even if server is down, it replies)

      How can i change the rule so that the ping request ends up on the correct server?

      I have got an allow ICMP rule on the floating firewall.

      V 1 Reply Last reply Reply Quote 0
      • V
        viragomann @Operations
        last edited by

        @operations
        You have to forward ICMP requests to the internal server IP.

        O 1 Reply Last reply Reply Quote 0
        • O
          Operations @viragomann
          last edited by Operations

          @viragomann i get that, but why is my PfSense answering now? I don't get that.

          V 1 Reply Last reply Reply Quote 0
          • V
            viragomann @Operations
            last edited by

            @operations
            If the packets are forwarded pfSense shouldn't reply itself.
            The pass rule has to have the internal server IP as destination then.

            1 Reply Last reply Reply Quote 0
            • First post
              Last post