Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

can't ping public domain/IP from LAN

samajsamaj Newbie ✭
edited December 2020 in Entry Level Firewalls

From LAN I cannot ping google.com or any public domain. Any link or suggestion ... Any settings that I can configure/apply and I can ping any public domain / IP from the LAN. (TZ600 -SonicOS Enhanced 6.5.4.7-83n)

Category: Entry Level Firewalls
Reply

Best Answer

  • CORRECT ANSWER
    samajsamaj Newbie ✭
    Answer ✓

    hey @shiprasahu93

    thanks for reply

    I checked

    1 ping service not blocking from LAN to WAN access rule

    2 yes low priority attacks enabled in IPS

    3 and yes unable to ping both 8.8.8.8 as well as google.com

Answers

  • Hello @samaj,

    Please check the following

    1) Access rule from LAN to WAN blocking Ping service

    2) If low priority attacks is enabled for prevention under MANAGE | Security Services | IPS

    Also, are you unable to ping both 8.8.8.8 as well as google.com or just google.com. This will tell us if the issue is with DNS.

    Thanks!

    Shipra Sahu

    Technical Support Advisor, Premier Services

  • @samaj,

    Yes, ping is considered as a low priority attack. Kindly have it set to only detect and not prevent under IPS.

    Thanks!

    Shipra Sahu

    Technical Support Advisor, Premier Services

  • samajsamaj Newbie ✭

    @shiprasahu93

    thanks

    Ok got it .. but a bit risky isn't it? I mean if I disable low priority attack in IPS, will it affect security services (network security) in any way?

    And if I only want to allow specific user / IP to ping from LAN to the public domain ... is it possible?

  • @samaj ,

    I apologise for the delayed response.

    If you do not wish to turn off low priority checks completely, you can just disable low priority ICMP IPS checks or add certain public IPs to the IPS exclusion list.

    Honestly, the recommended settings is to have the low priority IPS set to just detect and not prevent.

    Thanks!

    Shipra Sahu

    Technical Support Advisor, Premier Services

Sign In or Register to comment.