How to suppress TCP Reset and ICMP Port Unreachable messages
Article: TECH81725 | Created: 2003-01-07 | Updated: 2009-01-26 | Article URL: http://www.symantec.com/docs/TECH81725
You need to suppress the firewall's default behavior of sending TCP Reset messages in response to disallowed TCP connections and ICMP Port Unreachable messages in response to disallowed UDP connections. You want the firewall to silently drop this traffic instead.
To suppress TCP Reset and ICMP Port Unreachable messages in Symantec Gateway Security v2.0x and Symantec Enterprise Firewall v8.0:
1. Connect to your firewall with the Security Gateway Management Interface (SGMI).
2. In the left pane, click Policy.
3. In the right pane, on the Advanced tab, select Logical Network Interfaces.
4. Highlight the interface on which you want to suppress messages.
5. Click Properties.
6. On the Options tab, check "Suppress Reset and ICMP error messages".
Where the SGMI instead lists the network interfaces under Assets, use the following steps:
1. In the left pane of the Security Gateway Management Interface (SGMI), under Assets, click Network.
2. On the Network Interfaces tab, select the interface on which you want to suppress messages, and then click Properties.
3. On the General tab, check "Suppress reset and ICMP error messages".
4. Click OK.
5. Repeat steps 2-4 for the other network interfaces.
Note: This configuration causes the firewall to silently drop disallowed TCP and UDP connection attempts. In addition, these attempts are not logged by the firewall.
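Because suppressed attempts leave no log entry, the only way to confirm the option took effect is to probe a disallowed port from outside and check that nothing comes back. The following Python script is an added example, not part of the original article or of the Symantec product: it classifies a TCP probe as reset, dropped or open, and a UDP probe as ICMP-unreachable, dropped or open, so a probe that previously reported "reset" or "icmp-unreachable" should report "dropped" once the option is enabled. The loopback helpers exist only so the script can demonstrate the reset and drop outcomes without a firewall; host and port values are assumptions you supply.

```python
import socket

# Outcome labels: the firewall option turns RESET / UNREACHABLE into DROPPED.
OPEN = "open"                        # a service answered
RESET = "reset"                      # TCP RST came back (ECONNREFUSED)
UNREACHABLE = "icmp-unreachable"     # ICMP Port Unreachable came back
DROPPED = "dropped"                  # silence until the timeout expired


def probe_tcp(host, port, timeout=2.0):
    """Classify how a TCP connection attempt to host:port is answered."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.settimeout(timeout)
        try:
            s.connect((host, port))
            return OPEN
        except ConnectionRefusedError:   # kernel saw a TCP RST
            return RESET
        except socket.timeout:           # no SYN/ACK, no RST: silently dropped
            return DROPPED


def probe_udp(host, port, timeout=2.0):
    """Classify how a UDP datagram to host:port is answered.

    On a connected UDP socket the OS reports an ICMP Port Unreachable as
    ECONNREFUSED on the next recv(); silence means the firewall dropped it
    (or the service simply never replies), so re-check a second time.
    """
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.connect((host, port))
        try:
            s.send(b"probe")             # constructed payload, content irrelevant
            s.recv(1024)
            return OPEN
        except ConnectionRefusedError:   # ICMP Port Unreachable was delivered
            return UNREACHABLE
        except socket.timeout:
            return DROPPED


def suppression_active(host, tcp_port, udp_port, timeout=2.0):
    """True when both disallowed ports are answered with silence."""
    return (probe_tcp(host, tcp_port, timeout) == DROPPED
            and probe_udp(host, udp_port, timeout) == DROPPED)


def loopback_closed_port():
    """Pick a loopback TCP port nothing listens on (for the self-check only)."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.bind(("127.0.0.1", 0))
        return s.getsockname()[1]


def silent_udp_listener():
    """Bind a UDP socket that never replies; it stands in for a dropping firewall."""
    s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    s.bind(("127.0.0.1", 0))
    return s, s.getsockname()[1]
```

Run `probe_tcp` and `probe_udp` against a port the firewall policy denies, from a host on the far side of that interface; a plain host with no firewall in front of it answers "reset" and "icmp-unreachable", which is the behaviour the option removes.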