Table of Contents
Advertisement
132
Figure 4-72
Firewall Option Setup window
Enable Data Encryption-- Select this option if you wish to enable the
data in packets sent between the IP hosts or subnets specified in this filter
to be encrypted/decrypted by the Secure Data Mode Station. This option
is not available if Data Encryption is not enabled on the General Setup
screen.
Permit Non UDP/TCP Packets-- Select this option if you would like
the Secure Data Mode Station to allow IP packets that are neither TCP
nor UDP, such as ICMP. The firewall does not have specific filters for IP
protocols other than TCP, UDP, and ICMP. If you want to deny other
relatively rare protocols, do not select this checkbox.
Permit IP Source Routed Packets-- Select this option if you want the
Secure Data Mode Station to allow Source-Routed IP packets to the local
hosts protected by this filter. Source-Routed packets contain routing
information inside the packet headers, instead of allowing network
routers to decide the best route for the packet. They are primarily used in
network troubleshooting, but may be used to 'fool' the firewall that the
packets are coming from a trusted host. We strongly recommend that you
do not permit source routed packets.
Permit Fragments-- Select this option if you would like the Secure Data
Mode Station to permit fragmented IP packets to be passed through the
firewall. IP packets may be incorrectly fragmented, creating security
problems for hosts that may not properly handle incorrectly fragmented
IP packets.
Respond with Unreachable Messages-- Select this option if you want
the Secure Data Mode Station to respond to remote hosts attempting to
connect to local machines with Destination Unreachable messages when
the connection is denied by this security filter.
WLAN Cable Access Point 6220 CSU NTPM99CA Rel 2.0 Issue 5 Dec 2005
Advertisement
Table of Contents
