92
Firewall configuration
Note
When the number of incomplete sessions from a same host reaches the maximum value
(
Maximum incomplete TCP/UDP sessions number from same host
), a security
alert symbol ( ) displays on the
Security
line of the
System
>
Status
page. If you open
the
Security
section, an alert message next to
SPI
indicates the security violation. Click
Alert
to view the log details on the
System
>
Log
page. Click
Clear
to remove the alert message
from the status page.
This page includes the following settings:
Enable
Enables the SPI features on the router.
Connection Policy
•
Fragmentation half-open wait
: Configures the number of seconds that a packet state
structure remains active. When the timeout value expires, the router drops the un-assembled
packet, freeing that structure for use by another packet.
•
TCP SYN wait
: Defines how long the software waits for a TCP session to synchronize
before dropping the session.
•
TCP FIN wait
: Specifies how long a TCP session is maintained after the firewall detects a
FIN packet.
Содержание PS110
Страница 6: ...6 ...
Страница 10: ...10 Deploying the HP PS110 ...
Страница 32: ...32 Managing the HP PS110 system ...
Страница 48: ...48 LAN configuration ...
Страница 76: ...76 VPN configuration ...
Страница 84: ...84 Routing configuration ...
Страница 94: ...94 Firewall configuration ...
Страница 126: ...126 Tools ...
Страница 130: ...130 ...