Polycom (RMX) 1500 User Manual
RealPresence Collaboration Server (RMX) 1500/1800/2000/4000 Administrator’s Guide
Polycom®, Inc.
849
Internet Control Message Protocol (ICMP)
ICMP (Internet Control Message Protocol) is used to send messages between networked entities. It is
typically used to send and receive information concerning:
typically used to send and receive information concerning:
● Communications errors in network applications
● Remote host reachability and availability
● Network congestion (latency)
● Traffic redirection
● Remote host reachability and availability
● Network congestion (latency)
● Traffic redirection
Malicious devices can however use these capabilities in order to divert, intercept, detect, network traffic.
The following System Flags have been added to enable the administrator to control ICMP Redirect and
Destination Unreachable messages:
Destination Unreachable messages:
● ENABLE_ACCEPTING_ICMP_REDIRECT
● ENABLE_SENDING_ICMP_DESTINATION_UNREACHABLE
● ENABLE_SENDING_ICMP_DESTINATION_UNREACHABLE
By setting the value of these flags to NO the risk of malicious behavior can be mitigated.
For a full description of ICMP see RFC 792.
Guidelines
● Both flags apply to all MCU platforms: RealPresence Collaboration Server (RMX)
1500/2000/4000/RealPresence Collaboration Server (RMX) 1800/RealPresence Collaboration
Server 800s).
● Both flags apply to all Ethernet connections: Management, Signaling, Media,
Modem, etc.
System Flag: ENABLE_ACCEPTING_ICMP_REDIRECT
This System Flag enables the administrator to control whether the RMX accepts or rejects ICMP Redirect
Messages (ICMP message type #5), typically used to instruct routers to redirect network traffic through
alternate network elements.
Messages (ICMP message type #5), typically used to instruct routers to redirect network traffic through
alternate network elements.
● Range: YES / NO
● Default:
● Default:
Ultra Secure Mode: NO - Redirect messages or ignored.
Default Security Mode: YES - Redirect messages are accepted.
System Flag: ENABLE_SENDING_ICMP_DESTINATION_UNREACHABLE
This System Flag enables the administrator to control whether the RMX sends ICMP Destination
Unreachable Messages (ICMP message type #3).
Unreachable Messages (ICMP message type #3).
Destination Unreachable Messages are sent when the RMX receives a UDP packet on a port configured
for TCP, or receives a UDP packet on a port configured for TCP, or when, in real time, a packet is not
processed in the prescribed time interval. For detailed timestamp information see RFC 792.
for TCP, or receives a UDP packet on a port configured for TCP, or when, in real time, a packet is not
processed in the prescribed time interval. For detailed timestamp information see RFC 792.
The Destination Unreachable Message may also be sent when Network or Host is unreachable (sent by
the router) or the Port is unreachable (sent by the RMX).
the router) or the Port is unreachable (sent by the RMX).
● Range: YES / NO