Firewall Configuration Technical Reference; Firewall Policies Overview - ZyXEL Communications P-660W-Tx User Manual

Adsl router over pots/isdn

Table of Contents

Table 44 Firewall: Threshold (continued)

LABEL

Maximum

Incomplete High

TCP Maximum

Incomplete

Action taken when the TCP Maximum Incomplete threshold is reached.

Delete the oldest

half open session

when new

connection

request comes

Deny new

connection

request for

Back

Apply

Cancel

11.7 Firewall Configuration Technical Reference

This section provides some technical background information about the topics covered in this

chapter.

11.7.1 Firewall Policies Overview

Firewall rules are grouped based on the direction of travel of packets to which they apply:

P-660W-Tx v2 User's Guide

DESCRIPTION

This is the number of existing half-open

sessions that causes the firewall to start

deleting half-open sessions. When the

number of existing half-open sessions rises

above this number, the ZyXEL Device deletes

half-open sessions as required to

accommodate new connection requests. Do

not set Maximum Incomplete High to lower

than the current Maximum Incomplete Low

number.

This is the number of existing half-open TCP

sessions with the same destination host IP

address that causes the firewall to start

dropping half-open sessions to that same

destination host IP address. Enter a number

between 1 and 256. As a general rule, you

should choose a smaller number for a smaller

network, a slower system or limited

bandwidth.

Select this radio button to clear the oldest half

open session when a new connection request

comes.

Select this radio button and specify for how

long the ZyXEL Device should block new

connection requests when TCP Maximum

Incomplete is reached.

Enter the length of blocking time in minutes

(between 1 and 256).

Click Back to return to the previous screen.

Click Apply to save your changes back to the ZyXEL Device.

Click Cancel to begin configuring this screen afresh.

•

LAN to LAN/ Router

•

LAN to WAN

Chapter 11 Firewall Configuration

DEFAULT VALUES

100 existing half-open sessions.

The above values causes the

ZyXEL Device to start deleting

half-open sessions when the

number of existing half-open

sessions rises above 100, and to

stop deleting half-open sessions

with the number of existing half-

open sessions drops below 80.

30 existing half-open TCP

sessions.

•

WAN to LAN

•

WAN to WAN/ Router

125

Table of Contents

Troubleshooting

This manual is also suitable for:

P-660w-tx v2 P-660w-t1 v2 P-660w-t3 v2

Firewall Configuration Technical Reference; Firewall Policies Overview - ZyXEL Communications P-660W-Tx User Manual

11.7 Firewall Configuration Technical Reference

11.7.1 Firewall Policies Overview

Troubleshooting

Related Manuals for ZyXEL Communications P-660W-Tx

Related Content for ZyXEL Communications P-660W-Tx

This manual is also suitable for:

Table of Contents