L2Tpserversettings - D-Link NetDefend DFL-210 Cli Reference Manual

3.39.9. L2TPServerSettings

TTLOnLow
DefaultTTL
LayerSizeConsistency
SecuRemoteUDPEncapCompat
IPOptionSizes
IPOPT_SR
IPOPT_TS
IPOPT_RTRALT
IPOPT_OTHER
DirectedBroadcasts
IPRF
StripDFOnSmall
3.39.9. L2TPServerSettings
Description
PPTP/L2TP server settings.
Properties
L2TPBeforeRules
PPTPBeforeRules
Note
This object type does not have am identifier and is identified by the name of the type
only. There can only be one instance of this type.
Pass L2TP connections sent to the security gateway directly to the L2TP
engine without consulting the ruleset. (Default: Yes)
Pass PPTP connections sent to the security gateway directly to the PPTP
engine without consulting the ruleset. (Default: Yes)
What action to take on too low TTL values. (Default:
DropLog)
The default IP Time-To-Live of packets originated by the se-
curity gateway (32-255). (Default: 255)
TCP/UDP/ICMP/etc layer data and header sizes matching
lower layer size information. (Default: ValidateLogBad)
Allow IP data to contain eight bytes more than the UDP total
length field specifies -- Checkpoint SecuRemote violates
NAT-T drafts. (Default: No)
Validity of IP header option sizes. (Default: ValidateLogBad)
How to handle IP packets with contained source or return
routes. (Default: DropLog)
How to handle IP packets with contained Timestamps.
(Default: DropLog)
How to handle IP packets with contained route alert. (Default:
ValidateLogBad)
How to handle IP options not specified above. (Default:
DropLog)
How to handle directed broadcasts being passed from one in-
terface to another. (Default: DropLog)
How to handle the IP Reserved Flag, if set; it should never be.
(Default: DropLog)
Strip the "DontFragment" flag for packets of this size or smal-
ler. (Default: 65535)
130
Chapter 3. Configuration Reference