I have created a sample firewall rule at the very top, which is:
Source: Internal network
Service: ping, ping6, Traceroute
Destination: External Network, Internal Network, specific devices I want to block from being accessed.
Action: block and log.
The issue: When I try to ping outside networks (Google DNS) with this rule enabled, the action times out, meaning the firewall is blocking that service and therefore the firewall rule is working. However, the firewall is allowing pings to any device in the internal network, even to devices I have specifically added as the destination.
Also, as you can see in my firewall rules, I have SSH and Telnet blocked; however, I was still able to use PuTTY to create a TCP dump, which didn't really tell me anything. Yet I was still able to log into the UTM using SSH even with a rule at the very top blocking it.
I looked at the Rulez post, and even went so far as to completely disable every option in the IPS, Webfilter, and Application Visibility; however, the issue persists. There must be something I'm overlooking? All the ICMP options are unchecked as well.
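A check that makes this kind of troubleshooting more precise is to probe each destination the rule lists and record how the connection attempt ends, because the three outcomes mean different things: a TCP handshake that completes means the traffic passed the firewall, a refused connection means the host was reached (or the firewall sent a reject), and a timeout is the usual signature of a drop rule. The script below is an added example written for this page, not code from the original post or from the UTM; the target addresses are constructed placeholders (the UTM address 192.168.1.1 is assumed), and the ping flags assume a Linux `ping`.

```python
"""Constructed example: probe the destinations a block rule names and classify
the outcome, run from a host on the rule's source network."""
import socket
import subprocess

# Constructed target list (not from the original post): (label, host, tcp port or None for ICMP).
TARGETS = [
    ("external DNS, ICMP", "8.8.8.8", None),
    ("UTM SSH", "192.168.1.1", 22),      # assumed UTM address
    ("UTM Telnet", "192.168.1.1", 23),   # assumed UTM address
]


def probe_tcp(host, port, timeout=3.0):
    """Return how a TCP connect to host:port ends.

    'open'        -> handshake completed: the traffic got through the firewall
    'refused'     -> RST received: host reached with nothing listening, or a reject rule
    'timeout'     -> no answer at all: typical of a drop rule
    'unreachable' -> local routing error or ICMP unreachable
    """
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.settimeout(timeout)
    try:
        s.connect((host, port))
        return "open"
    except socket.timeout:
        return "timeout"
    except ConnectionRefusedError:
        return "refused"
    except OSError:
        return "unreachable"
    finally:
        s.close()


def probe_icmp(host, timeout=2):
    """Return 'reply' or 'no reply' for one echo request via the system ping (Linux flags assumed)."""
    cmd = ["ping", "-c", "1", "-W", str(timeout), host]
    rc = subprocess.run(cmd, stdout=subprocess.DEVNULL, stderr=subprocess.DEVNULL).returncode
    return "reply" if rc == 0 else "no reply"


def listen_locally():
    """Open a throwaway listener on 127.0.0.1 so probe_tcp can be exercised offline."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)
    return srv, srv.getsockname()[1]


def run(targets=TARGETS):
    """Probe every target and return {label: outcome}."""
    results = {}
    for label, host, port in targets:
        results[label] = probe_icmp(host) if port is None else probe_tcp(host, port)
    return results


if __name__ == "__main__":
    for label, outcome in run().items():
        print(f"{label:20s} {outcome}")
```

Run it once with the rule disabled and once with it enabled; a destination whose outcome stays `open` or `reply` under the rule is one the rule is not matching, which is a more useful data point than a single manual ping or PuTTY session.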