ICMP Error messages can be used as a means to compromise sytems and networks. Appropriate configuration and filtering of these messages should be used to reduce potential threats.
In the Web UI navigate to the 'System' - > 'Global Settings' - > 'Networking' section. Uncheck the box for 'Host unreachable'.
The following resource is also helpful.
This security hardening control applies to the following category of controls within NIST 800-53: System and Communications Protection.This control applies to the following type of system WatchGuard.