HI Ashvin0,
I did, but is not working:
set firewall family inet filter [filter_bla_bla] term 2 from source-address [public ip]
set firewall family inet filter [filter_bla_bla] term 2 from source-address [public ip]
set firewall family inet filter [filter_bla_bla] term 2 from destination-address [my public ip]
set firewall family inet filter [filter_bla_bla] term 2 from protocol icmp
set firewall family inet filter [filter_bla_bla] term 2 from icmp-type echo-reply
set firewall family inet filter [filter_bla_bla] term 2 then accept
When I did commit confirmed 2 (for example), my ping from lan to internet stoped
Reply from 8.8.8.8: bytes=32 time=10ms TTL=57
Reply from 8.8.8.8: bytes=32 time=10ms TTL=57
Reply from 8.8.8.8: bytes=32 time=10ms TTL=57
Reply from 8.8.8.8: bytes=32 time=10ms TTL=57
Reply from 192.168.24.1: Destination net unreachable.
Reply from 192.168.24.1: Destination net unreachable.
Reply from 192.168.24.1: Destination net unreachable.
Reply from 192.168.24.1: Destination net unreachable.
Someone have another idea?
By the way, the firewall rules are any any, I mean, I don´t have policy to drop this connection. The policy is not a problem.