1 2 Previous Next 11 Replies Latest reply on Nov 9, 2010 9:58 PM by rengaraj

    Add ICMP Traffic to McAfee Firewall

      We have a SonicWall router and McAfee Total Protection 2010.  The hardware firewall has been set up to allow all access between lan connections.  The McAfee firewall is blocking ICMP traffic between computers.  We can't ping, we're having long login times, and recently a software update caused our accounting software to cease working.

       

      We've traced the problem to the way we had the firewall set up.  On the Security Center page, on the Firewall tab for the default policy, under connection type we have custom selected.  If we change it to Trusted Network, all our problems go away as the software is no longer blocking anything within the network.  We want to keep it blocking any unwanted traffic, but I don't know how to add ICMP to the custom connection type.  From what I undestand you have to create a rule for it as it can change ports.

       

      Can anyone help me, SonicWall sent me to McAffee and I haven't been able to find the appropriate contact for this.

       

      Thanks for any help you can give, I'll happily post screen shots or give any more information if necessary.


      Steve

        • 1. Re: Add ICMP Traffic to McAfee Firewall

          Open McAfee Security Center> Click on Firewall> Click on Settings> Click on Smart Advice and Advanced Settings

          ICMP.jpg

          Hope this would help you...

          1 of 1 people found this helpful
          • 2. Re: Add ICMP Traffic to McAfee Firewall

            I think we're either using a different version, or we're running it in a different mode.


            Here's the screenshot of the configuration options I have.

            screen.JPG

             

            The only place I can see where I can allow it is under edit in custom settings, and that just allows you to add port/s.

             

            Here's a screen shot of the console running on each PC

             

            screen1.JPG

             

            Thanks for the prompt reply, hopefully I can get to the bottom of this.

            Steve

            • 3. Re: Add ICMP Traffic to McAfee Firewall

              Ooops... are you using the Total Protection Service (Business Edition)?

              • 4. Re: Add ICMP Traffic to McAfee Firewall

                Sorry, I hope I didn't post in the wrong forum.

                 

                I believe we are, but I actually don't know how to check it.  The only place I think it may state it is in the MySonicWall user login, and I don't have access to that username/password.  The only version info I can find is on the user console's, and that was the second screenshot I posted.


                If I remember, we purchased Total Protection Service 2010, and it should be business edition.

                 

                Thanks again,

                Steve

                • 5. Re: Add ICMP Traffic to McAfee Firewall

                  Alright, that makes sense... Moving the thread to TPS Firewall group for more clarity...

                  • 6. Re: Add ICMP Traffic to McAfee Firewall

                    Thank you, sorry about posting in the wrong place.

                    Steve

                    • 7. Re: Add ICMP Traffic to McAfee Firewall
                      rengaraj

                      Hi,

                       

                      I have read your post.

                       

                      Please follow the below steps to resolve the issue that you are facing with the McAfee firewall.

                       

                      Open the McAfee security center using the page www.mcafeeasap.com

                      Click on policies on the top and then click on add policy and then select firewall settings on the left pane

                      Select administrator configures firewall

                      Now you shall get a menu with different options

                      Please select the reports option under the firewall protection status

                      Now, below you can select the custom settings and click on edit

                      You shall get three options to allow printer, file sharing and remote access, and please select all the 3 and Click on ok

                      Click on add connection and enter the port number used by the Router

                      Under the Incoming firewall address enter the IP address of your other computers or you can also enter the IP range of your network

                      Click on Internet application list on the top and please check if any files related to TCP/IP have been blocked, if yes please allow them

                      Now save and add this policy to your computer.

                       

                      On the computer right click on the M icon and select update now to run a manual update.

                       

                      Thank you.

                       

                      Regards.

                       

                       

                      1 of 1 people found this helpful
                      • 8. Re: Add ICMP Traffic to McAfee Firewall

                        Rengeraj,

                         

                        I just have one more question.  What do you mean by add the port used by the router?


                        We're using a Sonic Wall NSA 2400.  Sorry for not understanding, I'll try to work through it if you can give me a little more information.

                         

                        Thanks,

                        Steve

                        • 9. Re: Add ICMP Traffic to McAfee Firewall

                          Apparently I spoke too soon.  I've added two IP pools to the custom zone

                          192.168.10.100-192.168.10.200 (the DHCP pool for all our desktops)

                          192.168.10.1-192.168.10.6 (the static IP's for our servers, routers, switches)

                           

                          I can ping between desktop computers, but can't ping the server (192.168.10.6) or printers (192.168.10.101 & 192.168.10.102).  It resolves the IP for the server, but states "the destination host is unreachable".

                           

                          If I switch it over to Trusted Network, I can ping printers, servers, and desktops.

                           

                          Any ideas?

                           

                          Thanks,
                          Steve

                          1 2 Previous Next