Discard ping isn't discarding ping

Hi there

I’ve got a Balance 210 that replies to pings from the internet even though all WAN’s are set to “Reply to ICMP PING *disabled”*on the appropriate page.

Is there something I’m overlooking?

Is it possible you are forwarding all inbound traffic to an internal device?

Yes it is possible and the device has been told not to reply.
Simple problem solved by my simple oversight.

Turns out that it’s still an issue. Deny inbound icmp entries are polluting my Cisco ASA5505’s log.

Which takes priority, a firewall rule or a NAT mapping?

Firewall rule will override NAT Mappings.

So if I go:

NAT Mapping:
LAN Client------Inbound Mappings--------------------------Outbound Mappings
192.168.1.11—(WAN1):xxx.xxx.xxx.xxx (Interface IP)-------Use Interface IP only

and

Inbound Firewall Rules:
Rule—Protocol------WAN—Source------Destination-------Policy
Ping—ICMP:8-------Any----Any---------192.168.1.11-----Deny

ICMP ping denys shouldn’t be showing up in the log of my ASA5505 and ShieldsUp shouldn’t be reporting that WAN1 replies to pings.
Because they are and it is.

Please open up a support ticket with us here and we will investigate the issue.