The RUCKUS ICX router must be configured to have Internet Control Message Protocol (ICMP) redirects disabled on all external interfaces.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-273633	RCKS-RTR-000660	SV-273633r1110939_rule		Medium

Description

The ICMP supports IP traffic by relaying information about paths, routes, and network conditions. Routers automatically send ICMP messages under a wide variety of conditions. Redirect ICMP messages are commonly used by attackers for network mapping and diagnosis.

STIG	Date
RUCKUS ICX Router Security Technical Implementation Guide	2025-06-03

Details

Check Text (C-77724r1109919_chk)

The RUCKUS ICX router disables ICMP redirect messages by default.

Review the configuration to verify the following command is not present:
ip icmp redirects

If the command above is present, this is a finding.

Fix Text (F-77629r1109920_fix)

Disable ICMP redirect messages:

ICX(config)#no ip icmp redicts