How to allow ping on WAN ?

Started by hushcoden, January 13, 2021, 08:04:58 AM

Previous topic - Next topic
Print
Go Down Pages1
User actions
January 13, 2021, 08:04:58 AM
Can someone please advise on how I can allow ping on the WAN side?

I'm trying to set up an external service which in order to work must receive a ping response from my WAN address.

Tia.
January 13, 2021, 11:29:25 AM #1
perhaps I found out how to do it, i.e. need a firewall rule:

  • Action: Pass
  • Interface: WAN
  • Protocol: ICMP
  • ICMP type: Echo Request
  • Source: any
  • Destination: WAN address
  • Description: Allow ping on WAN
Can someone please confirm if it's the correct one?

Tia.
January 13, 2021, 11:32:29 AM #2
Quote from: hushcoden on January 13, 2021, 11:29:25 AM
Can someone please confirm if it's the correct one?

Yes that's right. Make sure you pick at least IPv4 for the protocol. IPv6 relies heavily on ICMP so you may as well include that.

Bart...
January 13, 2021, 02:30:19 PM #3
Thanks.
January 14, 2021, 03:06:10 AM #4
Depending on your needs, but it is typically better to limit ICMP by source address (who can ping you) then by type of ICMP (what control messages you allow).

By allowing Echo requests only but not other ICMP types, you might get some unpredictable results, especially if you start adding tunnels (IPv6 tunnel, VPN tunnel)...

So, relax your ICMP Type a bit - allow *all* ICMP types of traffic, but limit it to known/required IP sources.
Print
Go Up Pages1
User actions