Table of Contents
Advertisement
'protocol filter group'. You can configure the filter rule in CLI.
10. How can I protect against IP spoofing attacks?
The AMG1202-T10B/AMG1302-T10B's filter sets provide a means to protect
against IP spoofing attacks. The basic scheme is as follows:
For the input data filter:
Deny packets from the outside that claim to be from the inside
Allow everything that is not spoofing us
Filter rule setup:
Filter type =TCP/IP Filter Rule
Active =Yes
Source IP Addr =a.b.c.d
Source IP Mask =w.x.y.z
Action Matched =Drop
Action Not Matched =Forward
Where a.b.c.d is an IP address on your local network and w.x.y.z is your
netmask:
For the output data filters:
Deny bounce back packet
Allow packets that originate from us
Filter rule setup:
Filter Type =TCP/IP Filter Rule
Active =Yes
Destination IP Addr =a.b.c.d
Destination IP Mask =w.x.y.z
Action Matched =Drop
Action Not Matched =Forward
Where a.b.c.d is an IP address on your local network and w.x.y.z is your
netmask.
All contents copyright © 2013 ZyXEL Communications Corporation.
AMG1202-T10B/AMG1302-T10B
Support Notes
9
Hide quick links:
Advertisement
Table of Contents
Need help?
Do you have a question about the AMG1202-T10B and is the answer not in the manual?