beautypg.com

4) connection policy – Sagem F@ST 1500WG User Manual

Page 87

background image

4 - Configuring the SAGEM F@st™ 1500 ADSL router

SAGEM F@st™ 1500 Reference Manual - 288053220-03

Reproduction and communication prohibited without the written permission of

E

E

E

E

Page 4-41

When particular types of traffic are checked, only the particular type of traffic initiated from the
internal LAN will be allowed. For example, if the user only checks “FTP Service” in the Stateful
Packet Inspection section, all incoming traffic will be blocked except for FTP connections
initiated from the local LAN.

Stateful Packet Inspection allows you to select different application types that are using dynamic
port numbers. If you wish to use the Stateful Packet Inspection (SPI) to block packets, click on
the Yes radio button in the “Enable SPI and Anti-DoS firewall protection” field and then check
the inspection type that you need, such as Packet Fragmentation, TCP Connection, UDP
Session, FTP Service, H.323 Service, or TFTP Service.

3) When hackers attempt to enter your network, we can alert you by e-mail

Enter your email address.

Specify your SMTP and POP3 servers, user name, and password.

4) Connection Policy

Enter the appropriate values for TCP/UDP sessions as described in the following table.

Parameter

Defaults

Description

Fragmentation
half-open wait

10 sec

Configures the number of seconds that a packet state structure
remains active. When the timeout value expires, the router drops
the unassembled packet, freeing that structure for use by another
packet.

TCP SYN wait

30 sec

Defines how long the software will wait for a TCP session to
synchronize before dropping the session.

TCP FIN wait

5 sec

Specifies how long a TCP session will be maintained after the
firewall detects a FIN packet.

TCP connection
idle timeout

3600 seconds
(1 hour)

The length of time for which a TCP session will be managed if there
is no activity.

UDP session
idle timeout

30 sec

The length of time for which a UDP session will be managed if
there is no activity.

H.323 data
channel idle
timeout

180 sec

The length of time for which an H.323 session will be managed if
there is no activity.

This manual is related to the following products: