ZyXEL LTE7485-S905 User Guide - Page 126
DoS, Select Service, TCP/UDP, ICMPv6, Reject, Accept, WAN to LAN, WAN to Router
View all ZyXEL LTE7485-S905 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 126 highlights
Chapter 11 Firewall Table 46 Security > Firewall > Access Control > Add New ACL Rule (continued) LABEL DESCRIPTION IP Type Select between IPv4 or IPv6. Compared to IPv4, IPv6 (Internet Protocol version 6), is designed to enhance IP address size and features. The increase in IPv6 address size to 128 bits (from the 32-bit IPv4 address) allows up to 3.4 x 1038 IP addresses. The Zyxel Device can use IPv4/IPv6 dual stack to connect to IPv4 and IPv6 networks, and supports IPv6 rapid deployment (6RD). Select Service Select a service from the Select Service box. Protocol Select the protocol (ALL, TCP/UDP, TCP, UDP, ICMP, or ICMPv6) used to transport the packets for which you want to apply the rule. Custom Source Port This is a single port number or the starting port number of a range that defines your rule. Custom Destination Port This is a single port number or the ending port number of a range that defines your rule. TCP Flag Select the TCP Flag (SYN, ACK, URG, PSH, RST, FIN). Policy Use the drop-down list box to select whether to discard (Drop), deny and send an ICMP destination-unreachable message to the sender (Reject), or allow the passage of (Accept) packets that match this rule. Direction Select WAN to LAN to apply the rule to traffic from WAN to LAN. Select LAN to WAN to apply the rule to traffic from LAN to WAN. Select WAN to Router to apply the rule to traffic from WAN to router. Select LAN to Router to apply the rule to traffic from LAN to router. Enable Rate Limit Click to enable (switch turns blue) the setting of maximum number of packets per maximum number of minute/second to limit the throughput of traffic that matches this rule. If not, the next item will be disabled. Scheduler Rules packet(s) per (1-512) Enter the maximum number of packets (1-512) per minute/second. Add New Rule Select a schedule rule for this ACL rule from the drop-down list box. You can configure a new schedule rule by clicking Add New Rule. OK Click this to save your changes. Cancel Click this to exit this screen without saving. 11.6 DoS DoS (Denial of Service) attacks can flood your Internet connection with invalid packets and connection requests, using so much bandwidth and so many resources that Internet access becomes unavailable. Use the DoS screen to activate protection against DoS attacks. Click Security > Firewall > DoS to display the following screen. Figure 97 Security > Firewall > DoS LTE Series User's Guide 126