I made a graduation design, huawei usg6000v firewall router, bottom allied switches, ping I have also been allowed, interface also added to the trust region, but can ping firewall switches and routers, firewalls but can't switches, routers, what reason is this excuse me?

CodePudding user response:

So long as routers and switches to ping, don't tube can ping firewall,
If you want to know the reason, single-pass phenomenon related to your security policy, local firewall subject area to communication and other areas, the security policy should also be bidirectional, otherwise it is single,
I last night when I was in the firewall do OSPF encountered similar problems,

CodePudding user response:

I also met ensp other devices can ping the firewall, the firewall can't other equipment, firewall ping himself

CodePudding user response:

Firewall to outgoing Ping packets, firewall belong to the local area, the net is outside, Intranet is inside, to add a security policy, allowing from the local to the untrust Ping packets through,

CodePudding user response:

With the source of ping? The port configuration vlan?