Hi Scott,
Unless I am wrong, I'd do it like this :
1. Define the aaa.bbb.ccc.ddd site in the objects
2. Disable the Accept icmp in the policy properties ... but check 1st this
does not affect others (internal to external ping'ers ??)
3. Add two rules :
a. aaa.bbb.ccc.ddd dst=???? echo-request accept
b. dst=??? aaa.bbb.ccc.ddd echo-reply accept
time-exceeded
Met vriendelijke groeten - Bien � vous - Kind regards
Guy ROELANDTS
Compaq Belgium
E-mail : [EMAIL PROTECTED]
Tel: +32(02)729.77.44 (options 3 - 3 - 1)
Fax: +32(02)729.77.65
-----Original Message-----
From: Scott Becker [mailto:[EMAIL PROTECTED]]
Sent: Monday, December 11, 2000 3:45 PM
To: [EMAIL PROTECTED]
Subject: [FW1] Ping from certain sites only
Policy properties : accept icmp before last
Can anyone tell me how can i only allow ping and traceroutes from say site
aaa.bbb.ccc.ddd ?
Thanks.
____________________________________________________________________________
_________
Get more from the Web. FREE MSN Explorer download : http://explorer.msn.com
============================================================================
====
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
============================================================================
====
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
