Control Specific ICMP or ICMPv6 Types and Codes
Use this task to create a custom ICMP or ICMPv6 application and then create a security policy rule to allow or deny that application.
- Create a custom application for ICMP or ICMPv6
message types and codes.
- Select ObjectApplications and Add a custom application.
- On the Configuration tab, enter a Name for the custom application and a Description. For example, enter the name ping6.
- For Category, select networking.
- For Subcategory, select ip-protocol.
- For Technology, select network-protocol.
- Click OK.
- On the Advanced tab, select ICMP Type or ICMPv6 Type.
- For Type, enter the number (range is 0-255) that designates the ICMP or ICMPv6 message type you want to allow or deny. For example, Echo Request message (ping) is 128.
- If the Type includes codes, enter the Code number (range is 0-255) that applies to the Type value you want to allow or deny. Some Type values have Code 0 only.
- Click OK.
- Create a Security policy rule that allows or denies the
custom application you created.Create a Security Policy Rule. On the Application tab, specify the name of the custom application you just created.
- Commit your changes.Click Commit.
Security Policy Rules Based on ICMP and ICMPv6 Packets
Security Policy Rules Based on ICMP and ICMPv6 Packets The firewall forwards ICMP or ICMPv6 packets only if a security policy rule allows the session ...
ICMP Internet Control Message Protocol (ICMP) ( RFC 792 ) is another one of the main protocols of the Internet Protocol suite; it operates at ...
Session Settings The following table describes session settings. Session Settings Description Rematch Sessions Click Edit and select Rematch Sessions to cause the firewall to apply ...
Configure Packet Based Attack Protection
Configure Packet Based Attack Protection To enhance security for a zone, Packet-Based Attack Protection Protect your network against bad IP, TCP, ICMP, IPv6, and ICMPv6 ...
Security Policy Actions
Security Policy Actions For traffic that matches the attributes defined in a security policy, you can apply the following actions: Action Description Allow (default) Allows ...
Defining Applications Select Objects Applications to Add a new custom application for the firewall to evaluate when applying policies. New Application Settings Description Configuration Tab ...
Configure DoS Protection Against Flooding of New Sessions
Configure DoS Protection Against Flooding of New Sessions Configure Security policy rules to deny traffic from the attacker’s IP address and allow other traffic based ...
Session Settings and Timeouts
Session Settings and Timeouts This section describes the global settings that affect TCP, UDP, and ICMPv6 sessions, in addition to IPv6, NAT64, NAT oversubscription, jumbo ...
Configure SCTP Security
SCTP security features allow you to inspect and filter SCTP packets. Allocate SCTP log storage so the firewall can store SCTP log information. ...