Netgear FVS338 FVS338 Reference Manual - Page 65

VPN Pass through, Security, Firewall Rules, Attack, Checks, Attack Checks, Apply - pptp

Page 65 highlights

FVS338 ProSafe VPN Firewall 50 Reference Manual When the victimized system is flooded, it is forced to send many ICMP packets, eventually making it unreachable by other clients. The attacker may also spoof the IP address of the UDP packets, ensuring that the excessive ICMP return packets do not reach him, thus making the attacker's network location anonymous. If enabled, the router will not accept more than 20 simultaneous, active UDP connections from a single computer on the LAN. • VPN Pass through. When the router is in NAT mode, all packets going to the Remote VPN Gateway are first filtered through NAT and then encrypted per the VPN policy. For example, if a VPN Client or Gateway on the LAN side of this router wants to connect to another VPN endpoint on the WAN (placing this router between two VPN end points), encrypted packets will be sent to this router. Since this router filters the encrypted packets through NAT, the packets will become invalid unless VPN Pass through is enabled. When enabled, the VPN tunnel will pass the VPN traffic without any filtering. Tunnels can be - IPSec - PPTP - L2TP To select the appropriate checkbox for your requirement: 1. Select Security from the main menu, Firewall Rules from the submenu and then the Attack Checks tab. The Attack Checks screen will display. 2. Check the radio boxes of the Attack Checks you wish to initiate. 3. Click Apply to save your settings. . Figure 4-5 Firewall Protection and Content Filtering v1.0, March 2009 4-11

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
  • 141
  • 142
  • 143
  • 144
  • 145
  • 146
  • 147
  • 148
  • 149
  • 150
  • 151
  • 152
  • 153
  • 154
  • 155
  • 156
  • 157
  • 158
  • 159
  • 160
  • 161
  • 162
  • 163
  • 164
  • 165
  • 166
  • 167
  • 168
  • 169
  • 170
  • 171
  • 172
  • 173
  • 174
  • 175
  • 176
  • 177
  • 178
  • 179
  • 180
  • 181
  • 182
  • 183
  • 184
  • 185
  • 186
  • 187
  • 188
  • 189
  • 190
  • 191
  • 192
  • 193
  • 194
  • 195
  • 196
  • 197
  • 198
  • 199
  • 200

FVS338 ProSafe VPN Firewall 50 Reference Manual
Firewall Protection and Content Filtering
4-11
v1.0, March 2009
When the victimized system is flooded, it is forced to send many ICMP packets, eventually
making it unreachable by other clients. The attacker may also spoof the IP address of the UDP
packets, ensuring that the excessive ICMP return packets do not reach him, thus making the
attacker’s network location anonymous.
If enabled, the router will not accept more than 20 simultaneous, active UDP connections from
a single computer on the LAN.
VPN Pass through
. When the router is in NAT mode, all packets going to the Remote VPN
Gateway are first filtered through NAT and then encrypted per the VPN policy.
For example, if a VPN Client or Gateway on the LAN side of this router wants to connect to
another VPN endpoint on the WAN (placing this router between two VPN end points),
encrypted packets will be sent to this router. Since this router filters the encrypted packets
through NAT, the packets will become invalid unless VPN Pass through is enabled.
When enabled, the VPN tunnel will pass the VPN traffic without any filtering. Tunnels can be
IPSec
PPTP
L2TP
To select the appropriate checkbox for your requirement:
1.
Select
Security
from the main menu,
Firewall Rules
from the submenu and then the
Attack
Checks
tab. The
Attack Checks
screen will display.
2.
Check the radio boxes of the Attack Checks you wish to initiate.
3.
Click
Apply
to save your settings.
.
Figure 4-5