Allow VPN Pass through

The IPSec, PPTP, and L2TP protocols are used to establish a secure connection, and are widely used by VPN (Virtual Private Networking) programs.

• If checked, these VPN connections are allowed.

• If not checked, these VPN connections are blocked.

Note: IPSec sessions must NOT use AH (Authentication Header). Packets using AH cannot be routed correctly.

Drop fragmented IP packets

If enabled, fragmented IP packets are discarded, forcing re-transmission of these packets. In some situations, this could prevent successful communication, so this setting is normally disabled.

Block TCP Flood

A TCP flood is an excessively large number of TCP connection requests. This is usually a DoS (Denial of Service) attack. This setting should normally be enabled.

Block UDP Flood

A UDP flood is an excessively large number of UDP packets. This is often a DoS (Denial of Service) attack, but some streaming applications also use UDP, and blocking UDP packets may prevent them from working correctly.

Block non-standard packets

Abnormal packets are often used by hackers and in DoS attacks, but may also be generated by other network devices. (PCs will normally not generate non-standard packets.) This setting is disabled by default, but on most networks it can safely be enabled, and doing so will provide greater protection.
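The AH note under Allow VPN Pass through can be illustrated with a simplified model, added here as an example and not taken from the 3Com manual. It assumes the router applies NAT to pass-through traffic (the manual says only that AH packets cannot be routed correctly); the key, addresses and function names are constructed.

```python
import hashlib
import hmac
import ipaddress
import struct

KEY = b"constructed-sa-key"  # constructed shared key, for illustration only


def ipv4_header(src, dst, proto, payload_len, ttl=64):
    """Build a minimal 20-byte IPv4 header (checksum left at zero)."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, 0, 0,
                       ttl, proto, 0,
                       ipaddress.IPv4Address(src).packed,
                       ipaddress.IPv4Address(dst).packed)


def ah_icv(header, payload):
    """AH-style check value: IP header (mutable fields zeroed) plus payload."""
    h = bytearray(header)
    h[1] = 0                 # TOS may change in transit
    h[6:8] = b"\x00\x00"     # flags / fragment offset
    h[8] = 0                 # TTL
    h[10:12] = b"\x00\x00"   # header checksum
    return hmac.new(KEY, bytes(h) + payload, hashlib.sha256).digest()[:16]


def esp_icv(esp_bytes):
    """ESP-style check value: covers the ESP data only, not the outer IP header."""
    return hmac.new(KEY, esp_bytes, hashlib.sha256).digest()[:16]


def nat_rewrite(header, new_src):
    """What a NAT router does to outbound traffic: replace the source address."""
    h = bytearray(header)
    h[12:16] = ipaddress.IPv4Address(new_src).packed
    return bytes(h)


def survives_nat(protocol):
    """True if the receiver's check still matches after the source is rewritten."""
    payload = b"constructed payload"
    proto_num = 51 if protocol == "AH" else 50   # IP protocol numbers for AH / ESP
    hdr = ipv4_header("192.168.1.10", "203.0.113.5", proto_num, len(payload))
    sent = ah_icv(hdr, payload) if protocol == "AH" else esp_icv(payload)
    hdr_rx = nat_rewrite(hdr, "198.51.100.7")    # constructed public address
    recv = ah_icv(hdr_rx, payload) if protocol == "AH" else esp_icv(payload)
    return hmac.compare_digest(sent, recv)
```

In this model the AH check fails at the receiver because the source address it authenticates has been rewritten, while the ESP check is unaffected.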

3Com WBR-6000