[c-nsp] ICMP Filtering on firewall
varaillon
j.varaillon at cosmoline.com
Tue Sep 11 06:21:26 EDT 2007
Hi,
We are filtering and rate limiting icmp traffic on our border router to let
in&out:
Echo
Echo-reply
Unreachable
Time-exceeded
What about icmp to our firewall's interfaces?
Shouldn't I allow the firewall to respond to or send those icmp messages as
well?
What would be the best current practices regarding ICMP traffic ti
firewalls' interfaces?
Thank you!
Christophe
More information about the cisco-nsp
mailing list