Control Specific ICMP or ICMPv6 Types and Codes
Use this task to create a custom ICMP or ICMPv6 application and then create a security policy rule to allow or deny that application.
- Create a custom application for ICMP or ICMPv6 message types and codes.
- SelectandObjectApplicationsAdda custom application.
- On theConfigurationtab, enter aNamefor the custom application and aDescription. For example, enter the name ping6.
- ForCategory, selectnetworking.
- ForSubcategory, selectip-protocol.
- ForTechnology, selectnetwork-protocol.
- On theAdvancedtab, selectICMP TypeorICMPv6 Type.
- ForType, enter the number (range is 0-255) that designates the ICMP or ICMPv6 message type you want to allow or deny. For example, Echo Request message (ping) is 128.
- If the Type includes codes, enter theCodenumber (range is 0-255) that applies to theTypevalue you want to allow or deny. SomeTypevalues have Code 0 only.
- Create a Security policy rule that allows or denies the custom application you created.
- Commit your changes.ClickCommit.
Security Policy Rules Based on ICMP and ICMPv6 Packets
Security Policy Rules Based on ICMP and ICMPv6 Packets The firewall forwards ICMP or ICMPv6 packets only if a security policy rule allows the session ...
ICMP Internet Control Message Protocol (ICMP) ( RFC 792 ) is another one of the main protocols of the Internet Protocol suite; it operates at ...
Session Settings The following table describes session settings. Session Settings Description Rematch Sessions Click Edit and select Rematch Sessions to cause the firewall to apply ...
Configure Packet Based Attack Protection
Configure Packet Based Attack Protection To enhance security for a zone, Packet-Based Attack Protection Protect your network against bad IP, TCP, ICMP, IPv6, and ICMPv6 ...
Defining Applications Select Objects Applications to Add a new custom application for the firewall to evaluate when applying policies. New Application Settings Description Configuration Tab ...
Configure DoS Protection Against Flooding of New Sessions
Configure DoS Protection Against Flooding of New Sessions Configure Security policy rules to deny traffic from the attacker’s IP address and allow other traffic based ...
Security Policy Actions
Security Policy Actions For traffic that matches the attributes defined in a security policy, you can apply the following actions: Action Description Allow (default) Allows ...
Configure SCTP Security
SCTP security features allow you to inspect and filter SCTP packets. Allocate SCTP log storage so the firewall can store SCTP log information. ...
Create a Custom Application
Create a Custom Application To safely enable applications you must classify all traffic, across all ports, all the time. With App-ID, the only applications that ...