Filter
Top Products
134 Chapter 8 - IntraGuard Firewall Configuration
Advanced Settings: Firewall Path Dialog Box
Advanced Settings: Firewall Path Dialog Box
To access this dialog box, select FirewallPath/Settings from the Device View,
then click on the Advanced button.
Advanced Options
These settings allow detailed control of how certain packet types and sessions
will be handled on the path.
PermitEstTCP
This checkbox sets whether the path will permit TCP sessions for which the
IntraGuard did not see the SYN flag. The SYN flag is included in the header
of the first couple of TCP packets and indicates that a session is being estab-
lished. When checked, this allows established connections to continue after
rebooting the device, but it is also a less secure option. The default is
unchecked.
ResetRedirects
This checkbox sets whether the device will terminate sessions on a firewall
path where ICMP redirects have been sent. ICMP redirects are generated
when a device cannot route a packet correctly on its own. The effect can be
that three firewall path sessions will be created to route the packet correctly,
two of which will not be needed after the first packet gets delivered. The
default is unchecked.
SendTCPReset
This checkbox sets whether the device will send a TCP reset message to the
client when a TCP session has been rejected. The default is unchecked.