ICMP packets between site-to-site VPN client/server?



  • I'm in the process of trying to tighten up the security on my site-to-site VPN interface between my two homes (previously just had an any/any rule on that interface from when I first set it up).

    Since taking away the any/any rule I've noticed my logs are showing blocks of ICMP traffic between the server and client as shown below. This traffic did not show up when I first took the any/any rule away and had no rules at all. It only showed up after I added a rule to allow RDP from a specific host on the client side to a host on the server side. But even disabling that rule hasn't stopped the ICMP traffic.

    Is this traffic just normal "check if alive" traffic between the two nodes and if so why have I never seen it before?

    EDIT: I guess it was a normal "check if alive" packet as once I created a pass rule for it, the traffic stopped once the 1 packet passed.



  • That's from gateway monitoring, where the specific ovpnX interface is assigned.

