restrict the Access for multiple Networks over SG105

When using various facilities, the UTM creates "system" firewall rules to allow them to function. These have precedence over manually created firewall rules. Examples are for ICMP at Network Protection > Firewall > ICMP or anywhere there is an allowed networks boxy, such as the Web Filtering proxy. For ICMP/ping, you wouldn't need to stop using the checkboxes on the ICMP Tab and create only manual rules to allow the traffic. For Web, you would need to create your blocks in the Web Filtering Filter Actions in use.

Hi Scott,

thanks for your Answer. I've created a Firewall-Rule which mostly works, only ping is possible. I did chose the Option "any" by Services and I thought that would block ping either, but it don't. What for Options in that Rule are needed?

Andy

Any doesn't cover ICMP. You need to change the Type of Definition to ICMP and select the type that you want to allow.

Hi, Andreas, and welcome to the UTM Community!

I suspect you're seeing this because of the way you have Web Filtering configured.  You might be interested in a document I maintain that I make available to members of the UTM Community, "Configure HTTP Proxy for a Network of Guests."  If you would like me to send you this document, send me an email requesting it to my member name here @ the domain listed in my signature block - please include your member name here in your email as this offer is only for members.  I also maintain a version auf Deutsch translated by fellow member hallowach when he and I did a major revision in 2013.

Cheers - Bob

Hi all,

thanks for your Notes. I've found the Cause.
It was because of an Firewall-Rule which allowed ping to any Destination. Changed it -> worked