...
The connection between the network object INTRANET to the Internet (LANCOM_Internet-Access) allows HTTP und HTTPS and forbids blocks ICMP.
Info |
---|
As the Unified Firewall operates according to the DENY ALL principle, initially all communication is blocked. Therefore in this case communication via ICMP is already blocked without a separate rule. Thus a separate rule to forbid block ICMP is not needed and is also not practical in most cases. Only in individual cases it can be useful to forbid block a certain port (e.g. when a port range is allowed and it has to be ensured, that a certain port from this range is forbiddenblocked). |
3) Host object:
The connection between the host object Workstation to the Internet allows ICMP.
...
- Communication via HTTP and HTTPS from the host object Workstation to the Internet is allowed due to the inherited rules.
- Communication via ICMP from the host object Workstation to the Internet is forbidden blocked, as a DENY rule always comes before an ALLOW rule.