Jump to content

IPV6 Help + ESET Firewall / ICMP


Recommended Posts

Specs

Windows 10 x64 Pro 1703

ESET 10 Smart Security

Firefox 57 x64

DD-WRT - 33770M Kong's Build R7000 Router

---------------------------------------------------------------------------

 

I'm trying to allow ICMP packets through ESET without disabling firewall altogether using IPV6. Using this website hxxp://ipv6-test.com  I get 17/20 with ESET firewall enabled and 20/20 with it disabled.

What setting in ESET firewall do I allow or disable for it not to filter ICMP?

"Your router or firewall is filtering ICMPv6 messages sent to your computer. An IPv6 host that cannot receive ICMP messages may encounter problems like some web pages loading partially or not at all."

 

Any help would be appreciated - I've narrowed it down to ESET with it's firewall disabled it works just fine. 
 

Edited by rept30
Link to comment
Share on other sites

  • Administrators

Try creating an allowing rule for ICMP and moving it to the top above pre-defined rules that are hidden by default. You'll need to unhide them to accomplish that.

Link to comment
Share on other sites

Thanks for the prompt reply!

 

Something like this? Very top one is what I just added in the rest are predefined. Anything I need to remove or try as is? 

 

Edited by rept30
Link to comment
Share on other sites

Eset has default rules to allow essential inbound and outbound ICMPv6 traffic.

For outbound, the type codes are; 2, 4, 128, 130, 131, 132, 133, 134, 135, 136, 143.

For inbound, the type codes are; 1, 2, 3, 4, 129, 130, 131, 132, 133, 134, 135, 136, 143.

The Win 10 firewall also has inbound rules for ICMPv6 traffic. If you have enabled the option to "also use Windows firewall rulesl" in Eset's firewall settings, there could be a potential conflict between the two firewalls. Unfortunately, the Windows firewall uses protocol numbers versus type codes. So those will have to be manually converted to type codes and then compared to the ones listed in the Eset firewall inbound ICMPv6 rule.

As long as the option to also use Win firewall inbound rules remains in effect for the Eset firewall, both firewall rules have to be compatible. I believe Eset firewall inbound rules are evaluated first and then the Win 10 firewall rules.

In any case, you will have to find out which type codes need to be added to Eset's existing ICMPv6 inbound and/or outbound rules. You then create a user rule specifying the missing code/s only. Additionally, a corresponding protocol number to the type code rule needs to be added to the Win 10 inbound firewall rules.

All the above is one reason why I have IPv6 permanently disabled on my network adapter connection.

Edited by itman
Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...