1 2 Previous Next 11 Replies Latest reply on Feb 27, 2010 8:20 AM by rcamm

    PING echo responses dropped by SG580 firewall

      SG580  firmware:

      Version
      SecureComputing/SG580 Version 3.1.6 -- Tue, 29 Jul 2008 18:01:19 +1000
      Linux version 2.4.31-uc0 (build@sgbuild) (gcc version 3.3.2) #1 Tue Jul 29 20:15:43 EST 2008

      Serial Number: 0601450691330590

       

      When I PING the Cisco router at a remote site (139.130.159.38) from the SG580 diagnostics\network tests page using the ADSL inteface as the source (165.228.55.10)

       

      I get no response and this entry in the syslog:

       

      Feb 16 12:00:56 kernel: Default - dropped: IN=ppp0 OUT= MAC= SRC=139.130.159.38 DST=165.228.55.10 LEN=84 TOS=0x00 PREC=0x00 TTL=251 ID=0 DF PROTO=ICMP TYPE=0 CODE=0 ID=685 SEQ=1 
      Feb 16 12:00:57 kernel: Default - dropped: IN=ppp0 OUT= MAC= SRC=139.130.159.38 DST=165.228.55.10 LEN=84 TOS=0x00 PREC=0x00 TTL=251 ID=0 DF PROTO=ICMP TYPE=0 CODE=0 ID=685 SEQ=2 
      Feb 16 12:00:58 kernel: Default - dropped: IN=ppp0 OUT= MAC= SRC=139.130.159.38 DST=165.228.55.10 LEN=84 TOS=0x00 PREC=0x00 TTL=251 ID=0 DF PROTO=ICMP TYPE=0 CODE=0 ID=685 SEQ=3 
      Feb 16 12:00:59 kernel: Default - dropped: IN=ppp0 OUT= MAC= SRC=139.130.159.38 DST=165.228.55.10 LEN=84 TOS=0x00 PREC=0x00 TTL=251 ID=0 DF PROTO=ICMP TYPE=0 CODE=0 ID=685 SEQ=4 

      If I PING the SG580 from the Cisco site the pings are answered (echo response is enabled in SG580). Why are response packets being blocked?

       

      There is an active IPSec VPN tunnel between these two IP addreses, can that be causing a problem?

        1 2 Previous Next