Author Topic: How to allow ping on WAN ? (Read 27875 times)

hushcoden · « **on:** January 13, 2021, 08:04:58 am »

Can someone please advise on how I can allow ping on the WAN side?

I'm trying to set up an external service which in order to work must receive a ping response from my WAN address.

Tia.

hushcoden · « **Reply #1 on:** January 13, 2021, 11:29:25 am »

perhaps I found out how to do it, i.e. need a firewall rule:

Action: Pass
Interface: WAN
Protocol: ICMP
ICMP type: Echo Request
Source: any
Destination: WAN address
Description: Allow ping on WAN

Can someone please confirm if it's the correct one?

Tia.

bartjsmit · « **Reply #2 on:** January 13, 2021, 11:32:29 am »

Quote from: hushcoden on January 13, 2021, 11:29:25 am

Can someone please confirm if it's the correct one?

Yes that's right. Make sure you pick at least IPv4 for the protocol. IPv6 relies heavily on ICMP so you may as well include that.

Bart...

hushcoden · « **Reply #3 on:** January 13, 2021, 02:30:19 pm »

Thanks.

mihak · « **Reply #4 on:** January 14, 2021, 03:06:10 am »

Depending on your needs, but it is typically better to limit ICMP by source address (who can ping you) then by type of ICMP (what control messages you allow).

By allowing Echo requests only but not other ICMP types, you might get some unpredictable results, especially if you start adding tunnels (IPv6 tunnel, VPN tunnel)...

So, relax your ICMP Type a bit - allow *all* ICMP types of traffic, but limit it to known/required IP sources.

Author Topic: How to allow ping on WAN ? (Read 27875 times)

hushcoden

How to allow ping on WAN ?

hushcoden

Re: How to allow ping on WAN ?

bartjsmit

Re: How to allow ping on WAN ?

hushcoden

Re: How to allow ping on WAN ?

mihak

Re: How to allow ping on WAN ?