We use cookies on our website to ensure we provide you with the best experience on our website. By using our website, you agree to the use of cookies for analytics and personalized content.This website uses cookies. More Information
It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda CloudGen Firewall

This Firmware Version Is End-Of-Support

Documentation for this product is no longer updated. Please see End-of-Support for CloudGen Firewall Firmware for further information on our EoS policy.

How to Configure ICMP Settings

  • Last updated on

ICMP (Internet Control Message Protocol) is used for diagnostic or control purposes. Network devices send one of the twenty four ICMP errors directed at the source IP of a packet, for example to let the source device know that it is currently not available or the desired destination can not be reached. The Barracuda NextGen Firewall F-Series uses the following terms to describe the IP addresses involved in a ICMP reply:

Forward / Reverse / Target IP Addresses

FW_ICMP_01.png

Forward Policy

The forward policy affects ICMP messages that are caused by traffic from the source to the destination.

FW_ICMP_02.png

Reverse Policy

The reverse policy affects ICMP messages that are caused by traffic from the destination back to the source.

FW_ICMP_03.png

Configure ICMP Handling Policy

ICMP handling policy is configurable per firewall rule:

  1. Go to CONFIGURATION > Configuration Tree > Box > Virtual Servers > your virtual server > Assigned Services > Firewall > Forwarding Rules
  2. From the Views menu on the left of the Edit Rule window, select ICMP Handling.

    icmp.png

  3. In the Use Policy dropdown field, select one of the following options:

    • Default Policy – The default policy decides automatically whether to use forward or target address:
      • With NAT – The forward address is used (no internal IP address is visible).

      • Without NAT – The target address is used.

    • NO ICMP AT ALL – Block all ICMP settings.
    • Use Forward Address – The forward address is used for ICMP messages.
    • Use Reverse Address – The reverse address is used for ICMP messages.
    • Use Target Address – The target address is used for ICMP messages. 
  4. Select which replies are blocked in the BLOCKED ICMP Messages section.

    To configure a policy template select New ICMP Param Object in the ICMP tab of the Object Viewer.

  5. Click OK.

  6. Click Send Changes and Activate.

Last updated on