Last Modified: Oct 06, 2020
Opened: Jun 16, 2015
Related AskF5 Article: K17502
A packet filter is in place to block ICMP traffic to a virtual address, but the virtual address responds to ICMP echo requests.
Traffic is not blocked despite the existence of a packet-filter rule.
A packet filter is in place to block ICMP echo request traffic to a virtual address, and a fragmented ICMP echo request is received by the BIG-IP system. If the ICMP echo request needs to be forwarded to another tmm, the packet-filter is not honored.
Use AFM rather than packet-filter. Note: This may require additional licensing.