Brian,
Nope...that shouldn't be blocked.
I need to read up...I believe what I understood David to ask is: if someone continues to send IPENCAP packets to Old_AMPRGW, configure it to send an ICMP Redirect in the future.
This should WORK, since the device sent the packet. I'm not sure what an OS will do, though; or if the OS is handling the packet as normal (i.e. some raw modes).
This is not considering a scenario if the OP EXPLICITLY blocks ICMP (which in that case, it would fail anyway). My configuration should have received the ICMP Type 5 (I believe 5.1) packet in return for the IPENCAP I sent to Old_AMPRGW, I just don't know how LEDE would respond.
- KB3VWG
Don't most hosts and routers ignore ICMP Redirects out of security concerns these days?