D-Link DFL-800 CLI Guide - Page 145

3.43.8. IPSettings Chapter 3. Configuration Reference IKEMaxCAPath IPsecCertCacheMaxCerts IPsecBeforeRules IPsecGWNameCacheTime DPDMetric DPDKeepTime DPDExpireTime Maximum number of CA certificates in a certificate path. (Default: 15) Maximum number of entries in the certificate cache. (Default: 1024) Pass IKE & IPsec (ESP/AH) traffic sent to the security gateway directly to the IPsec engine without consulting the ruleset. (Default: Yes) Amount of time to keep an IPsec tunnel open when the remote DNS name fails to resolve. (Default: 14400) Metric 10s of seconds with no traffic or other evidence of life in tunnel before SA is removed. (Default: 3) Number 10s of seconds a SA will remain in dead cache after a delete. DPD will not trigger if peer already is cached as dead. (Default: 2) Number of seconds that DPD-R-U-THERE messages will be sent. (Default: 15) Note This object type does not have an identifier and is identified by the name of the type only. There can only be one instance of this type. 3.43.8. IPSettings Description Settings related to the IP protocol. Properties LogCheckSumErrors LogNonIP4 LogReceivedTTL0 Block0000Src Block0Net Block127Net BlockMulticastSrc TTLMin TTLOnLow TTLMinMulticast Log IP packets with bad checksums. (Default: Yes) Log occurrences of non-IPv4 packets. (Default: Yes) Log received packets with TTL=0; this should never happen! (Default: Yes) Block 0.0.0.0 as source address. (Default: Drop) Block 0.* source addresses. (Default: DropLog) Block 127.* source addresses. (Default: DropLog) Block multicast source addresses (224.0.0.0--255.255.255.255). (Default: DropLog) The minimum IP Time-To-Live value accepted on receipt. (Default: 3) What action to take on too low unicast TTL values. (Default: DropLog) The minimum IP multicast Time-To-Live value accepted on 145