General ipsec settings, General ipsec settings -29 – Carrier Access Multi-Service Router (MSR) Card MSR/Adit 3K GUI User Manual

Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.0) GUI

2-29

Advanced

IPSec (IP Security)

General IPSec Settings

Field

Definition

Block Unauthorized IP

When an IP address fails to register with IPSec connection, it can be blocked
for a set amount of time by the firewall.

Enabled

Checked box enables the blocking of unauthorized IP access.

Maximum number or
authentication failures

Maximum number of failures before a block takes effect.
Range 0 - 2147483647 failures.

Block Period

Sets the number of seconds for the IP address to be blocked.
Range 0 - 2147483647 seconds.

Anti-Replay

Enable anti-replay
protection

Anti-Replay is a security service where the receiver can reject old or
duplicate packets to protect itself against replay attacks. IPSec provides this
optional service by use of a sequence number combined with the use of data
authentication. PIX Firewall IPSec provides this service whenever it provides
the data authentication service, except in the following:
The service is not available for manually established security associations
(security associations established by manual configuration and not by IKE).

Connections

New Connection

Creates a new secured connection. The user is guided through a series of
windows to configure this connection.