Show the ip address of firewall when Windows host tracert through firewall

Publication Date:  2012-09-13 Views:  430 Downloads:  0
Issue Description
On Windows host, tracert the external ip address through firewall. Ip of firewall is hidden for host.
Alarm Information
Null

Handling Process
Use the command “ip ttl-expires enable” to make USG reply a timeout packets to ICMP packet whose ttl is 0. In this way, Windows host would display the ip address of firewall.
Root Cause
When device received an ICMP packet whose ttl is 0, it would reply an ICMP packets whose ttl is timeout. So the Windows host would display the ip address of device. But USG would drop the ICMP packet whose ttl is 0 in the default setting, so ip of firewall is hidden for pc.
Suggestions
Null

END