Administrator’s Handbook
Stateful Inspection
Stateful inspection options are accessed by the security
set security
Sets the stateful inspection option off or on on the specified interface. This option is disabled by default. Stateful inspection prevents unsolicited inbound access when NAT is disabled.
set security
set security
Sets stateful inspection default mapping to router option off or on on the specified interface.
set security
set security
Sets the acceptable TCP sequence difference on the specified interface. The TCP sequence number differ- ence maximum allowed value is 65535. If the value of
set security
set security
Sets whether fragmented packets are allowed to be received or not on the specified interface.
set security state-insp tcp-timeout [ 30 - 65535 ]
Sets the stateful inspection TCP timeout interval, in seconds.
set security state-insp udp-timeout [ 30 - 65535 ]
Sets the stateful inspection UDP timeout interval, in seconds.
set security state-insp dos-detect [ off on ]
Enables or disables the stateful inspection Denial of Service detection feature. If set to on, the device will monitor packets for Denial of Service (DoS) attack. Offending packets may be discarded if it is determined to be a DoS attack.