Skip to main content

Check out Interactive Visual Stories to gain hands-on experience with the SSE product features. Click here.

Skyhigh Security

Enable ICMP Redirects

You can enable redirects to Web Gateway under ICMP for requests to access the web sent from clients.

ICMP redirects are not allowed by default on Web Gateway because they might create a security issue.

If you run Web Gateway in an environment where ICMP redirects are required, you can let them be accepted by editing the sysctl.conf system file.

NOTE: To edit sysctl.conf system file, use the File Editor that is provided for this purpose on the user interface.

 

  1. Select Configuration | File Editor.
  2. Under Files in the navigation pane, expand the entry for the Web Gateway appliance where you want to allow ICMP redirects. Then select sysctl.conf.
  3. After the last line of the file content that shows up in the configuration pane, append these lines by typing or pasting them:
net.ipv4.conf.all.accept_redirects = 1
net.ipv4.conf.all.secure_redirects = 1
net.ipv4.conf.default.accept_redirects = 1
net.ipv4.conf.default.secure_redirects = 1
  1. Click Save Changes.
  2. Restart the appliance to let the changed system file content become effective.

ICMP redirects are now accepted on the Web Gateway appliance that you configured this acceptance for.

  • Was this article helpful?