Appendix K Router Platform User Interface Reference

 

 

Advanced Interface Settings Page

 

Table K-13

Advanced Interface Settings Dialog Box (Continued)

 

 

Enable Directed

When selected, directed broadcast packets are “exploded” as a link-layer

Broadcasts

 

broadcast when this interface is directly connected to the destination subnet.

 

 

When deselected, directed broadcast packets that are intended for the subnet

 

 

to which this interface is directly connected are dropped rather than being

 

 

broadcast. This is the default.

 

 

An IP directed broadcast is an IP packet whose destination address is a valid

 

 

broadcast address on a different subnet from the node on which it originated.

 

 

In such cases, the packet is forwarded as if it was a unicast packet until it

 

 

reaches its destination subnet.

 

 

This option affects only the final transmission of the directed broadcast on

 

 

its destination subnet; it does not affect the transit unicast routing of IP

 

 

directed broadcasts.

 

 

Note Because directed broadcasts, and particularly ICMP directed

 

 

broadcasts, have been abused by malicious persons, we recommend

 

 

deselecting this option on interfaces where directed broadcasts are

 

 

not needed.

 

 

 

ACL

 

Applies only when directed broadcasts are enabled.

 

 

The standard access list that determines which directed broadcasts are

 

 

permitted to be broadcast on the destination subnet. All other directed

 

 

broadcasts destined for the subnet to which this interface is directly

 

 

connected are dropped. Enter the name of an ACL object, or click Select to

 

 

display an Object Selectors, page F-593.

 

 

If the standard ACL you want is not listed, click the Create button in the

 

 

selector to display the Add and Edit Standard Access List Pages, page F-42.

 

 

From here you can create an ACL object.

 

 

Note To prevent misuse by malicious persons, we recommend using ACLs

 

 

to restrict the use of directed broadcasts.

 

 

 

 

Advanced Interface Settings buttons

OK button

Saves your changes locally on the client and closes the dialog box.

Note To save your changes to the Security Manager server so that they are not lost when you log out or close your client, click Save on the source page.

 

 

User Guide for Cisco Security Manager 3.2

 

 

 

 

 

 

OL-16066-01

 

 

K-33

 

 

 

Page 33
Image 33
Cisco Systems OL-16066-01 appendix Acl, Display an Object Selectors, page F-593