Hi,
I have a Peplink Balance 210 firmware 7.1.2 build 4094. I have created entries in Access Rules to disabled
for Inbound, outbound and internal. I have disabled ICMP reply in all WAN as well. All these didn’t work as I could still ping ip address of the LLB and it reply accordingly.
Has anyone else seen this?
Regards
Chee Wen
Hi! Welcome to the Forum!
First I would recommend upgrading to Firmware 8.0.
You can’t use the firewall to block ICMP replies (or any other inbuilt service - although that is coming in 8.0.1), you have to disable reply to ICMP in the WAN connection settings. If you have done this then either there is a bug or something else is replying.
Do you have any 1:1 NAT configured? Could an internal device be replying to ping?
Hi Martin,
Yes, 1:1 NAT was configured.
I am new with this (pardon me for the lame excuse) – but how to prove that internal device replying to the ping instead of Peplink Balance.
Regards,
Chee Wen
If 1:1 NAT is enabled, you can either quickly unplug the device and try and ping the WAN to prove it or you can look to turn off ICMP reply on the internal device that is the target of 1:1 NAT.
Apart from that, you can run a network capture and see whats going on and what is replying.
Hi Martin,
Problem solved. My counter part in HQ confirm that ICMP reply was blocked.
Thanks so much for your help.
Regards,
Chee Wen