How can one disable PING (not ICMP) in a Fortigate?

Forum|Forum|1 year ago
July 28, 2024
1 reply
968 views

Hi, is the above possible to do globally for all interfaces instead of having to go to each interface one by one to disable PING?

FortiGate

salemneaz

Staff

Hi,

You can try local in policy, but it is easier to turn them off from the interface.

Example Configuration Given Below:

-------------------------------------------------------------------

Use the following command to close all ICMP ports on the WAN1 interface. The following example blocks traffic that matches the ALL_ICMP firewall service.

config firewall local-in-policy

edit 1

set intf wan1

set srcaddr all

set dstaddr all

set action deny

set service ALL_ICMP

set schedule always

end

Article Reference:

-----------------------------------------

https://docs.fortinet.com/document/fortigate/6.4.0/hardening-your-fortigate/833110/use-local-in-policies-to-close-open-ports-or-restrict-access

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded