Table of Contents
Advertisement
Table 229: TCP Session Configuration Details
Option
Comment
Rst Invalidate Session
Rst Sequence Check
No Syn Check
Strict Syn Check
No Syn Check In Tunnel
No Sequence Check
Tcp Initial Timeout
Configuring Traceoptions (NSM Procedure)
Copyright © 2010, Juniper Networks, Inc.
Apply—Applies the TCP session settings.
Function
Supplies a descriptive comment for the TCP
session.
Specifies that the session ends immediately on
receipt of the reset segment.
Enables checking of the sequence number in
the reset segment.
Disables the creation-time synchronized flag
check.
Enables the strict synchronized check.
Disables creation-time synchronized flag check
for tunnel packets.
Disables sequence-number checking.
Specifies the timeout period for the TCP session
when initialization fails.
The traceoptions feature allows you to configure file and flag options.
To configure the traceoptions:
In the NSM navigation tree, select Device Manager > Devices.
1.
Click the Device Tree tab, and then double-click the device for which you want to
2.
configure the traceoptions.
Click the Configuration tab. In the configuration tree, select Security > Flow >
3.
Traceoptions.
Configure the options as specified in Table 230 on page 398.
4.
Click one:
5.
OK—Saves the changes.
Cancel—Cancels the modifications.
Apply—Applies the traceoptions settings.
Chapter 22: Configuring Security
Your Action
(Optional) Enter a comment.
Select the
Rst Invalidate Session
enable this feature.
Select the Rst Sequence Check check box to
enable this feature.
Select the No Syn Check check box to enable
this feature.
Select the Strict Syn Check check box to enable
this feature.
Select the No Syn Check In Tunnel check box to
enable this feature.
Select the No Sequence Check check box to
enable this feature.
Set the timeout period when the initialization
fails. Range: 20 through 300.
check box to
397
Advertisement
Table of Contents
