Fortinet black logo

Handbook

ICMPv6

6.0.0
Copy Link
Copy Doc ID 4afb0436-a998-11e9-81a4-00505692583a:63661
Download PDF

ICMPv6

The IT Manager is doing some diagnostics and would like to temporarily block the successful replies of ICMP Node information Responses between 2 IPv6 networks.

The ICMP type for ICMP Node information responses is 140. The codes for a successful response is 0.

To configure ICMPv6 - GUI:
  1. Go to Policy & Objects > Services and select Create New > Service.
  2. Fill out the fields with the following information
    Namediagnostic-test1
    Service TypeFirewall
    Show in Service ListEnabled
    CategoryUncategorized
    Protocol TypeICMP6
    Type140
  3. Select OK.
  4. Enter the following CLI command:

    config firewall service custom

    edit diagnostic-test1

    set protocol ICMP6

    set icmptype 140

    set icmpcode 0

    set visibility enable

    end

To verify that the category was added correctly:
  1. Go to Policy & Objects > Services. Check that the services have been added to the services list and that they are correct.
  2. Enter the following CLI command:

    config firewall service custom

    edit <the name of the service that you wish to verify>

    show full-configuration

ICMPv6

The IT Manager is doing some diagnostics and would like to temporarily block the successful replies of ICMP Node information Responses between 2 IPv6 networks.

The ICMP type for ICMP Node information responses is 140. The codes for a successful response is 0.

To configure ICMPv6 - GUI:
  1. Go to Policy & Objects > Services and select Create New > Service.
  2. Fill out the fields with the following information
    Namediagnostic-test1
    Service TypeFirewall
    Show in Service ListEnabled
    CategoryUncategorized
    Protocol TypeICMP6
    Type140
  3. Select OK.
  4. Enter the following CLI command:

    config firewall service custom

    edit diagnostic-test1

    set protocol ICMP6

    set icmptype 140

    set icmpcode 0

    set visibility enable

    end

To verify that the category was added correctly:
  1. Go to Policy & Objects > Services. Check that the services have been added to the services list and that they are correct.
  2. Enter the following CLI command:

    config firewall service custom

    edit <the name of the service that you wish to verify>

    show full-configuration