Filter
Top Products
K-33
User Guide for Cisco Security Manager 3.2
OL-16066-01
Appendix K Router Platform User Interface Reference
Advanced Interface Settings Page
Enable Directed
Broadcasts
When selected, directed broadcast packets are “exploded” as a link-layer
broadcast when this interface is directly connected to the destination subnet.
When deselected, directed broadcast packets that are intended for the subnet
to which this interface is directly connected are dropped rather than being
broadcast. This is the default.
An IP directed broadcast is an IP packet whose destination address is a valid
broadcast address on a different subnet from the node on which it originated.
In such cases, the packet is forwarded as if it was a unicast packet until it
reaches its destination subnet.
This option affects only the final transmission of the directed broadcast on
its destination subnet; it does not affect the transit unicast routing of IP
directed broadcasts.
Note Because directed broadcasts, and particularly ICMP directed
broadcasts, have been abused by malicious persons, we recommend
deselecting this option on interfaces where directed broadcasts are
not needed.
ACL Applies only when directed broadcasts are enabled.
The standard access list that determines which directed broadcasts are
permitted to be broadcast on the destination subnet. All other directed
broadcasts destined for the subnet to which this interface is directly
connected are dropped. Enter the name of an ACL object, or click Select to
display an Object Selectors, page F-593.
If the standard ACL you want is not listed, click the Create button in the
selector to display the Add and Edit Standard Access List Pages, page F-42.
From here you can create an ACL object.
Note To prevent misuse by malicious persons, we recommend using ACLs
to restrict the use of directed broadcasts.
Advanced Interface Settings buttons
OK button Saves your changes locally on the client and closes the dialog box.
Note To save your changes to the Security Manager server so that they are
not lost when you log out or close your client, click Save on the
source page.
Table K-13 Advanced Interface Settings Dialog Box (Continued)