Sygate blocking people from PING me

[NetTech+Guy]

This is what I did:

I tried to set rules in the "advanced rules" option to accept all types of ICMP's for all the aplications in the list (on my HD), to make sure people will get ping responses from me, but so far didn't work that redundancy, I even set a 2nd rule to accept all connections on UDP ports 1024-65000 and still didn't work; I did this cuz I saw in "PACKET LOG" that the incoming ICMP requests, used UDP.

So is there anyone that has a solution to my problem of having sygate running but not allowing people to ping you?

PS. By the way why is "Allow icmp" for all applications set by default? and why is it still blocking them? Strange at least to my understanding.

Have a nice day.

[GrofLuigi]

I don't know Sygate, but these are some "unofficial" rules for Kerio related to ping:

1. Description: Out Needed To Ping And TraceRoute Others

Protocol: ICMP

Direction: Outgoing

ICMP Type: Echo

Remote Endpoint: Any

Action PERMIT

2. Description: In Needed To Ping And TraceRoute Others

Protocol: ICMP

Direction: Incoming

ICMP Type: Echo Reply, Destination Unreachable, Time

Exceeded

Remote Endpoint: Any

Action PERMIT

3. Description: In Block Ping and TraceRoute ICMP

(Notify)

Protocol: ICMP

Direction: Incoming

ICMP Type: Echo

Remote Endpoint: Any

Action DENY

4. Description: Out Block Ping and TraceRoute ICMP

(Notify)

Protocol: ICMP

Direction: Outgoing

ICMP Type: Echo Reply, Destination Unreachable, Time

Exceeded

Remote Endpoint: Any

Action DENY

5. Description: Block ICMP (Logged)

Protocol: ICMP

Direction: Both

ICMP Type: Echo Reply, Destination Unreachable, Source

Quench, Redirect,

Echo, Time Exceeded, Parameter Prob, Time Stamp, Time

StampReply, Info

Request, Info Reply, Address, Address Reply, Router

Advertisement, Router

Solicitation (ALL)

Remote Endpoint: Any

Action DENY

I hope you can somehow "translate" them for your needs. Note: Kerio would execute them from top to bottom, i.e. 1, then 2, then 3 etc.

For you to be pingable by others, you need to change 3. and 4. to "PERMIT".

GL

[NetTech+Guy]

I don't know Sygate, but these are some "unofficial" rules for Kerio related to ping:

1. Description: Out Needed To Ping And TraceRoute Others

Protocol: ICMP

Direction: Outgoing

ICMP Type: Echo

Remote Endpoint: Any

Action PERMIT

Thank you! that worked! but I had to set the 5th rule to ALLOW as the other ones, strange tough, last time I instintictly did something similar to the 5th rule before posting here having all icmp types allowed and in both direction but that didn't work, is as if I needed to set the firsts 4 rules for it to work! That's a mistery, thanks!

[GrofLuigi]

NetTech+Guy,

Glad that worked. Anyhow, I should mention that this is not something I've thought of , but I found it on some forum dedicated to firewalls, with sections dedicated to some of the most popular apps. Unfortunately, I've just copied the rules (there are more of them) for reference to a text file, so I cannot give due credit.

GL