Solved: deny ping reply setup

Alexman11 · ‎11-01-2021

I've tested RV345 internet vulnerabilities. The results are ok, except ping echo reply:

"Ping Reply: — Your system REPLIED to our Ping (ICMP Echo) requests, making it visible on the Internet."

In RV345/ firewall/ ACL as you can see from the picture attached, I setup "deny" for the followings:

-ICMP ping request-deny

-ICMP ping reply-deny

-ICMP destination unreacheable-deny

Where I am wrong?

Thx

balaji.bandi · ‎11-01-2021

May be Try : (i do not have RV to test) , make sure this ACL rule top of the rule,. if any rule allow, this rule not valid.

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

View solution in original post

balaji.bandi · ‎11-01-2021

May be Try : (i do not have RV to test) , make sure this ACL rule top of the rule,. if any rule allow, this rule not valid.

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

nagrajk1969 · ‎11-01-2021

Hi

In Firewall/Basic-Settings page, there is a setting/option "Block Wan Request", which is may have been disabled/unchecked by the admin/yourself earlier for some reason

- This option/setting is for the same purpose of blocking/disabling ping-response and is actually enabled "by default"

You can also add explicit ACL rule(s) as advised above to deny icmp-ping-response, but the option "block wan request" adds the same as implicit/built-in firewall deny rule