1

I am not sure if this is possible or not. I have set up some web servers and ftp servers that are statically NATted behind a sonicwall tz500. I can access all via ftp, http, https. I have included ping in the access & nat rules, but the servers don't respond to ICMP.

I haven't touched IPS policies at all, so all is via default.

user202243
  • 13
  • 4
  • Does the server response to ICMP inside the network? Do the servers have any OS firewalls, etc. that block based on network scope like Windows Firewall does for example? Trying to think simple here first for other levels the ping would be blocked. – Pimp Juice IT Oct 31 '15 at 01:35

1 Answers1

1

You have to setup NAT AND Firewall rules, by default the sonicwall blocks all inbound traffic WAN>LAN

I don't have access to make screen shots but essentially.

Allow for zone wan to zone LAN from any to Public IP services ICMP.

And set your GeoIP and other IPS rules accordingly.

You can also respond to ping on the interface itself with a WAN to WAN rule

Is there a reason you want ICMP enabled? A simple telnet or netcat to check for TCP/80 is usually better for troubleshooting

Jacob Evans
  • 7,886
  • 3
  • 29
  • 57