rept30 0 Posted December 10, 2017 Share Posted December 10, 2017 (edited) Specs Windows 10 x64 Pro 1703 ESET 10 Smart Security Firefox 57 x64 DD-WRT - 33770M Kong's Build R7000 Router --------------------------------------------------------------------------- I'm trying to allow ICMP packets through ESET without disabling firewall altogether using IPV6. Using this website hxxp://ipv6-test.com I get 17/20 with ESET firewall enabled and 20/20 with it disabled. What setting in ESET firewall do I allow or disable for it not to filter ICMP? "Your router or firewall is filtering ICMPv6 messages sent to your computer. An IPv6 host that cannot receive ICMP messages may encounter problems like some web pages loading partially or not at all." Any help would be appreciated - I've narrowed it down to ESET with it's firewall disabled it works just fine. Edited December 10, 2017 by rept30 Link to comment Share on other sites More sharing options...
Administrators Marcos 5,074 Posted December 10, 2017 Administrators Share Posted December 10, 2017 Try creating an allowing rule for ICMP and moving it to the top above pre-defined rules that are hidden by default. You'll need to unhide them to accomplish that. Link to comment Share on other sites More sharing options...
rept30 0 Posted December 10, 2017 Author Share Posted December 10, 2017 (edited) Thanks for the prompt reply! Something like this? Very top one is what I just added in the rest are predefined. Anything I need to remove or try as is? Edited December 11, 2017 by rept30 Link to comment Share on other sites More sharing options...
rept30 0 Posted December 11, 2017 Author Share Posted December 11, 2017 I still haven't figured out how to allow ICMP from being filtered by ESET firewall. Any suggestions? Link to comment Share on other sites More sharing options...
itman 1,659 Posted December 11, 2017 Share Posted December 11, 2017 (edited) Eset has default rules to allow essential inbound and outbound ICMPv6 traffic. For outbound, the type codes are; 2, 4, 128, 130, 131, 132, 133, 134, 135, 136, 143. For inbound, the type codes are; 1, 2, 3, 4, 129, 130, 131, 132, 133, 134, 135, 136, 143. The Win 10 firewall also has inbound rules for ICMPv6 traffic. If you have enabled the option to "also use Windows firewall rulesl" in Eset's firewall settings, there could be a potential conflict between the two firewalls. Unfortunately, the Windows firewall uses protocol numbers versus type codes. So those will have to be manually converted to type codes and then compared to the ones listed in the Eset firewall inbound ICMPv6 rule. As long as the option to also use Win firewall inbound rules remains in effect for the Eset firewall, both firewall rules have to be compatible. I believe Eset firewall inbound rules are evaluated first and then the Win 10 firewall rules. In any case, you will have to find out which type codes need to be added to Eset's existing ICMPv6 inbound and/or outbound rules. You then create a user rule specifying the missing code/s only. Additionally, a corresponding protocol number to the type code rule needs to be added to the Win 10 inbound firewall rules. All the above is one reason why I have IPv6 permanently disabled on my network adapter connection. Edited December 11, 2017 by itman Link to comment Share on other sites More sharing options...
Recommended Posts