ZyXEL Communications G.SHDSL.bis 4-port Security Gateway P-793H User Manual
Page 15
P-793H User’s Guide
Table of Contents
15
9.5.1 The “Triangle Route” Problem ................................................................134
9.5.2 Solving the “Triangle Route” Problem .....................................................135
9.6 General Firewall Policy ....................................................................................136
9.7 Firewall Rules Summary .................................................................................137
9.7.1 Configuring Firewall Rules ....................................................................138
9.7.2 Customized Services .............................................................................141
9.7.3 Configuring A Customized Service ........................................................141
9.8 Example Firewall Rule .....................................................................................142
9.9 Anti-Probing .....................................................................................................146
9.10 DoS Thresholds ............................................................................................147
9.10.1 Threshold Values ..................................................................................147
9.10.2 Half-Open Sessions ..............................................................................148
9.10.2.1 TCP Maximum Incomplete and Blocking Time ...........................148
10.1 Content Filtering Overview ............................................................................151
10.2 Configuring Keyword Blocking .......................................................................151
10.3 Configuring the Schedule ..............................................................................152
10.4 Configuring Trusted Computers ....................................................................153
11.1.1.1 IP Addresses of the ZyXEL Device and Remote IPSec Router ..156
11.1.1.2 IKE SA Proposal ..........................................................................157
11.1.1.3 Diffie-Hellman (DH) Key Exchange .............................................157
11.1.1.4 Authentication ..............................................................................158
11.1.2.1 Negotiation Mode ........................................................................159
11.1.2.2 VPN, NAT and NAT Traversal .....................................................160
11.1.3.1 Local Network and Remote Network ...........................................161
11.1.3.2 Active Protocol .............................................................................161
11.1.3.3 Encapsulation ..............................................................................161
11.1.3.4 IPSec SA Proposal and Perfect Forward Secrecy ......................162