Advanced Administration
89
Allow VPN
Pass through
The IPSec, PPTP, and L2TP protocols are used to establish a secure
connection, and are widely used by VPN (Virtual Private Network-
ing) programs.
"
If checked, these VPN connections are allowed.
"
If not checked, these VPN connections are blocked.
Note: IPSec sessions must NOT use AH (Authentication Header).
Packets using AH cannot be routed correctly.
Drop fragmented
IP packets
If enabled, fragmented IP packets are discarded, forcing re-
transmission of these packets. In some situations, this could prevent
successful communication, so this setting is normally disabled.
Block TCP Flood
A TCP flood is excessively large number of TCP connection requests.
This is usually a DoS (Denial of Service) attack. This setting should
be normally being enabled.
Block UDP Flood
A UDP flood is excessively large number of UDP packets. This is
often a DoS (Denial of Service) attack, but some streaming applica-
tions also use UDP, and blocking UPD packets may prevent them
from working correctly.
Block
non-standard
packets
Abnormal packets are often used by hackers and in DoS attacks, but
may also be generated by other network devices. (PCs will normally
not generate non-standard packets.) This setting is disabled by de-
fault, but on most networks it can safely be enabled, and doing so will
provide greater protection.