How to block ICMP Echo Reply with UTM 9.

eonline

Level 21
Thread author
Verified
Well-known
Nov 15, 2017
1,064
Briefly explain your current issue(s)
NO block icmp echo reply.
Steps taken to resolve, but have been unsuccessful
Ask.
Hi, I'm trying to pass the shields up test but it always does the test on my router not on my firewall. If anyone can help me solve this problem very grateful in advance.

Post data: I asked in another forum but do not know how to answer. Thank you.
 
  • Like
Reactions: Weebarra
F

ForgottenSeer 58943

Hi, I'm trying to pass the shields up test but it always does the test on my router not on my firewall. If anyone can help me solve this problem very grateful in advance.

Post data: I asked in another forum but do not know how to answer. Thank you.

So you are wanting to bypass your router/firewall/utm and see how your desktop software firewall response to ICMP? Hopefully I am understanding what you want here.

If that's the case, get the gateway of your ISP modem/router via whatismyip in google. Then connect to a hotspot or external network, or even a VPN then try to ping back to your WAN, does it respond? If it doesn't respond then you need to either bridge your isp gear, set disable firewall for true static, or go into settings and enable ICMP passthrough. After that you need to pass ICMP through your UTM 9 or set your local (LAN) IP for bypass/DMZ then rerun the test.

That's pretty much all you need to do either way, but if your ISP is force blocking ICMP and you can't get into it to make changes then you are pretty much out of luck.
 
Upvote 0
5

509322

So you are wanting to bypass your router/firewall/utm and see how your desktop software firewall response to ICMP? Hopefully I am understanding what you want here.

If that's the case, get the gateway of your ISP modem/router via whatismyip in google. Then connect to a hotspot or external network, or even a VPN then try to ping back to your WAN, does it respond? If it doesn't respond then you need to either bridge your isp gear, set disable firewall for true static, or go into settings and enable ICMP passthrough. After that you need to pass ICMP through your UTM 9 or set your local (LAN) IP for bypass/DMZ then rerun the test.

That's pretty much all you need to do either way, but if your ISP is force blocking ICMP and you can't get into it to make changes then you are pretty much out of luck.

The OP doesn't understand any of that... he needs step-by-step, "How To" instructions.
 
Upvote 0

eonline

Level 21
Thread author
Verified
Well-known
Nov 15, 2017
1,064
I asked my ISP for Port-forwarding, bridge mode and DMZ and they can't do it. And any change I make from the router is automatically cancelled.
 
  • Like
Reactions: Weebarra
Upvote 0

Bleak

Level 4
Verified
Well-known
Sep 5, 2017
149
How did you come to know for sure that changes gets 'canceled'?
Try google search like: <router name with model> port forwarding.
We can't help you for on a detailed instructions since we don't know your router model and routers tend to have a bit difference on doing some tasks.
 
Upvote 0
F

ForgottenSeer 58943

I asked my ISP for Port-forwarding, bridge mode and DMZ and they can't do it. And any change I make from the router is automatically cancelled.

This means your ISP is pushing the config out to you and they have pattern that they push to every customer to default the modem/router and if needed reload the statics and configurations. This helps reduce service calls from customers and is usually pushed between 24-72 hours in the middle of night or very early morning hours.

Unfortunately, unless they agree to allow you to make changes, and then agree to stop pushing configs to you there isn't much you can do EXCEPT - do they allow you to utilize your own modem? ISP's won't (and cannot legally) push configs to CPE (customer provided equipment) so you'll be out from under the watchful and controlling gaze if you can replace their gear. That is provided they authorize your own gear. Most ISP's have a list of supported equipment you can purchase.
 
Upvote 0

eonline

Level 21
Thread author
Verified
Well-known
Nov 15, 2017
1,064
Hi, I switched to the xg firewall home. But the problem remains the same. Greetings and thanks.
 
Upvote 0

Yellowing

Level 5
Verified
Jun 7, 2018
221
Hi.
He meant you should change the hardware, not the software. Buy a good router and use it instead, if that is possible. :)
Switching the software does not help with WAN pings. (as long as its the software on your PC and not the on the router)
 
  • Like
Reactions: ForgottenSeer 58943
Upvote 0

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top