Disable "Reply to ICMP Ping" with exceptions.

Product Discussion Peplink Balance
,
1

Hello;

We use a Peplink Balance 305 HW2 - Firmware 8.2.0 Build 5103. We’re reviewing our security and investigating the “Reply to ICMP Ping” option, specifically looking to potentially disable it for that added little bit of security. However we do want to still have ICMP Ping Reply available for a select few IP Addresses that we use.

Is it possible to have a blanket rule not to send ICMP Ping Replies with a few exceptions? The Main Option for “Reply to ICMP Ping” doesn’t seem to have any sub-options, it’s just a binary yes/no. Can Firewall Inbound/Outbound rules potentially take care of this?

Thank you for your time.
-JC

2

Hey there JC

While i haven’t personally played around it yet, i do know that it is possible to control ICMP via the firewall settings.

From there you can set a blanket deny on all ICMP pings and set an allow rule for specific IP addresses/ranges.

Hopefully this sufficiently points you in the right direction.