How to allow ICMP traffic to pass with a TransPort firewall rule

To allow ICMP traffic to pass, add the following rule to the TransPort's firewall. The rule is the entry under "#Allow ICMP" in the rule set below:

#Allow outbound FTP traffic
pass out break end proto ftp from any to any port=ftpcnt flags S!A inspect-state
#Allow any other outbound traffic and the replies back in
pass out break end inspect-state
#Allow incoming IPSEC
pass break end proto 50
pass in break end proto udp from any to any port=ike
pass in break end proto udp from any to any port=4500
#Allow any traffic within an IPSEC tunnel in both directions
pass break end oneroute any
#Allow incoming SSH and SFTP
pass in break end proto tcp from any to any port=22 flags S!A inspect-state
#Allow ICMP
pass in break end proto icmp inspect-state
#Allow incoming HTTPS
pass in break end proto tcp from any to any port=443 flags S!A inspect-state
#Block and log everything else including incoming telnet, http and FTP
block log break end
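
One way to confirm that the ICMP rule sits where it can take effect, as an added example that is not Digi code: the script reports whether an inbound ICMP pass rule appears before the catch-all block rule. It assumes rules are evaluated top to bottom and that a matching rule carrying "break end" stops further processing; the function names and the sample text are constructed for illustration.

```python
# Added example, not Digi code. Assumption: rules are evaluated top to bottom
# and a matching rule that carries "break end" stops further processing.

# Constructed sample: a subset of the rule set shown on this page.
RULES = """\
#Allow any other outbound traffic and the replies back in
pass out break end inspect-state
#Allow incoming SSH and SFTP
pass in break end proto tcp from any to any port=22 flags S!A inspect-state
#Allow ICMP
pass in break end proto icmp inspect-state
#Block and log everything else including incoming telnet, http and FTP
block log break end
"""

def active_rules(text):
    """Return (line_number, tokens) for each non-blank, non-comment line."""
    rules = []
    for number, line in enumerate(text.splitlines(), 1):
        line = line.strip()
        if line and not line.startswith("#"):
            rules.append((number, line.split()))
    return rules

def has_pair(tokens, first, second):
    """True when 'first' is immediately followed by 'second'."""
    return (first, second) in zip(tokens, tokens[1:])

def is_inbound_icmp_pass(tokens):
    # Recognises rules written like the page's "#Allow ICMP" entry.
    return tokens[0] == "pass" and "out" not in tokens and has_pair(tokens, "proto", "icmp")

def is_inbound_catch_all_block(tokens):
    # A terminating block rule with none of the narrowing keywords used on this page.
    narrowing = {"out", "proto", "from", "oneroute"}
    return (tokens[0] == "block" and has_pair(tokens, "break", "end")
            and not narrowing & set(tokens))

def check_icmp_rule(text):
    """Return ('ok', line), ('shadowed', line) or ('missing', None)."""
    blocked_at = None
    for number, tokens in active_rules(text):
        if is_inbound_icmp_pass(tokens):
            return ("shadowed", number) if blocked_at is not None else ("ok", number)
        if blocked_at is None and is_inbound_catch_all_block(tokens):
            blocked_at = number
    return ("missing", None)

if __name__ == "__main__":
    print(check_icmp_rule(RULES))
```

A "shadowed" result means the ICMP rule exists but is listed after the catch-all block rule, so under the stated assumption it would never be reached.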
 
Last updated: Aug 23, 2017
