Business Community > All Threads > Firewall Rule to Allow Ping from Specific Addresses
< All Threads

Firewall Rule to Allow Ping from Specific Addresses

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

Firewall Rule to Allow Ping from Specific Addresses

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
Firewall Rule to Allow Ping from Specific Addresses
Firewall Rule to Allow Ping from Specific Addresses
2022-04-08 09:32:40 - last edited 2022-04-11 00:53:38
Model: ER605 (TL-R605)  
Hardware Version: V1
Firmware Version: 1.2.0

I have created a firewall rule to allow Ping responses to requests that originate from specific addresses but it does not work and the documentation is incomplete so would appreciate some guidance on how to set this up. This is what I have;

 

 

I have tried setting the destination to "Me" and other options but this does not work either. The only way to get this to work is to allow Ping globally via the Attack Defense configuration which is obviously undesirable. 

 

The documentation is not much help as it does not explain the scope of the default Destinations such as "Me" and "IPGROUP_ANY".

 

Any ideas would be very welcome.

  0      
 
  0      
 
#1
Options
3 Reply
Re:Firewall Rule to Allow Ping from Specific Addresses
2022-04-11 04:45:18

 Dear @Pieman 

 

Attack Defense configuration has the highest priority.

 

You can allow Ping on Attack Defense. Then on Access Control add two rules:

First one is to allow Ping from your specific addresses;

Second one is to block all Ping from Any IP. 

 

The Access Control will apply the rules in sequence.

 

Regards

Best Regards! >> Omada EAP Firmware Trial Available Here << >> Get the Latest Omada SDN Controller Releases Here << *Try filtering posts on each forum by Label of [Early Access]*
  1  
  1  
#2
Options
Re:Firewall Rule to Allow Ping from Specific Addresses
2022-04-11 08:23:14

  @Hank21 

 

Thanks Hank, that did the trick!

 

Any idea where better Firewall documentation is available? i.e. default rule order, meaning of the default IP Groups, etc.  I feel that there is more that can be done but without decent docs I'm stabbing in the dark with some features e.g. OpenVPN.

  0  
  0  
#3
Options
Re:Firewall Rule to Allow Ping from Specific Addresses
2022-04-14 08:26:36

  @Pieman 

 

I tried to do similar thing, trying to the router.  But apparently it doesn't restrict the ping from a specific IP address.

 

I don't block ping in Attack Defense.  Then In access control, I set up rule 9:  ping allowed not just from Remote_office but anywhere. 

 

Even adding rule 10 doesn't change the same behvior.

 

 

  ID Name Source Destination Source Network Destination Network Policy Service Type Direction Effective Time Operation
  9 Office_Ping Remote_Office Me --- --- Allow ICMP_ALL [WAN] IN,[WAN/LAN1] IN Any  
  10 Block_Ping IPGROUP_ANY Me --- --- Block ICMP_ALL [WAN] IN,[WAN/LAN1] IN Any

 

 

  0  
  0  
#4
Options

Information

Helpful: 0

Views: 1001

Replies: 3

Related Articles
How to set port-specific firewall rules?
233 0
IPV4 Firewall Lan to Wan rule blocks internal communication with DVR
447 0
Firewall Rule - Allow Main VLAN to controll IOT Vlan
5178 0
ER605 Access Control Question (Block WAN to specific VLAN but allow other LAN)
535 0
Firewall "Ping Of Death" blocks regular pings
1760 0
Only allow a specific device on a specific LAN port
1425 0
About Us
Press
Copyright © TP-Link Systems Inc. All rights reserved.