You need to add the following rule (the line under "#Allow ICMP" in the rule set below) to the TransPort's standard firewall set to allow ICMP traffic to pass:
#Allow outbound FTP traffic
pass out break end proto ftp from any to any port=ftpcnt flags S!A inspect-state
#Allow any other outbound traffic and the replies back in
pass out break end inspect-state
#Allow incoming IPSEC
pass break end proto 50
pass in break end proto udp from any to any port=ike
pass in break end proto udp from any to any port=4500
#Allow any traffic within an IPSEC tunnel in both directions
pass break end oneroute any
#Allow incoming SSH and SFTP
pass in break end proto tcp from any to any port=22 flags S!A inspect-state
#Allow ICMP
pass in break end proto icmp inspect-state
#Allow incoming HTTPS
pass in break end proto tcp from any to any port=443 flags S!A inspect-state
#Block and log everything else including incoming telnet, http and FTP
block log break end
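A pre-deployment check for the rule set above, added here as an example and not taken from Digi's documentation or tooling: it confirms that the ICMP pass rule is present and sits ahead of the final catch-all block. It assumes rules are evaluated top to bottom and that `break end` stops evaluation on a match; the function names are hypothetical.

```python
# Constructed input: the rule set from this page, one rule per line.
RULESET = """\
#Allow outbound FTP traffic
pass out break end proto ftp from any to any port=ftpcnt flags S!A inspect-state
#Allow any other outbound traffic and the replies back in
pass out break end inspect-state
#Allow incoming IPSEC
pass break end proto 50
pass in break end proto udp from any to any port=ike
pass in break end proto udp from any to any port=4500
#Allow any traffic within an IPSEC tunnel in both directions
pass break end oneroute any
#Allow incoming SSH and SFTP
pass in break end proto tcp from any to any port=22 flags S!A inspect-state
#Allow ICMP
pass in break end proto icmp inspect-state
#Allow incoming HTTPS
pass in break end proto tcp from any to any port=443 flags S!A inspect-state
#Block and log everything else including incoming telnet, http and FTP
block log break end
"""

def parse_rules(text):
    """Return (line_number, tokens) for each rule, skipping comments and blanks."""
    return [(n, line.split()) for n, line in enumerate(text.splitlines(), 1)
            if line.strip() and not line.lstrip().startswith("#")]

def stops_on_match(tok):
    """True if the rule carries 'break end' (assumed: stop evaluating on match)."""
    return any(a == "break" and b == "end" for a, b in zip(tok, tok[1:]))

def is_inbound_icmp_pass(tok):
    """A pass rule, not limited to 'out', whose protocol selector is icmp."""
    proto = tok[tok.index("proto") + 1:][:1] if "proto" in tok else []
    return tok[0] == "pass" and tok[1:2] != ["out"] and proto == ["icmp"]

def is_catch_all_block(tok):
    """A block rule with no protocol or address selector that stops on match."""
    return tok[0] == "block" and stops_on_match(tok) and not {"proto", "from"} & set(tok)

def check_icmp(text):
    """Return 'ok', 'missing' or 'shadowed' for the ICMP pass rule."""
    rules = parse_rules(text)
    icmp = next((n for n, t in rules if is_inbound_icmp_pass(t)), None)
    block = next((n for n, t in rules if is_catch_all_block(t)), None)
    if icmp is None:
        return "missing"
    return "shadowed" if block is not None and block < icmp else "ok"
```

`check_icmp(RULESET)` returns `ok` for the set as listed; a set without the ICMP line returns `missing`, and one where the catch-all block comes first returns `shadowed`.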
Last updated: Mar 04, 2019