Hotbrick Dual WAN Firewall VPN 1400/2 User Manual
HotBrick, Tel: 305-398-0888, Fax: 305-398-5966
IPSec policy options
Tunnel Attribute – The defined attributes for the tunnel.
Dead Peer Detection - This setting allows you to use a WAN port for backup or
for WAN failover in the event of a connection failure.
Check Method – You can choose ICMP, Heartbeat or DPD protocol. This detects if the remote
end of the VPN tunnel is alive or not.
end of the VPN tunnel is alive or not.
Options :
NetBIOS Broadcast- This is used to forward NetBIOS broadcasts across the Internet.
Auto Trigger–This helps keep the IPSec tunnel connection us so it can be re-established
immediately, if a connection is dropped and detected.
Anti Replay – This keeps IP packet-level security in order.
Passive mode – This means that your PC establishes the data connection (if you enable passive
mode).
Check ESP Pad – If enabled, ESP (Encapsulating Security Payload),it will check ESP padding.
Allow Full ECN – Enable will allow full Explicit Congestion Notification (ECN). ECN is a standard
proposed by the IETF that will cut down on network congestion and routers dropping packets.
Copy DF Flag – When an IP packet is encapsulated as payload inside another IP packet, some of the
outer header fields can be rewritten, and others are determined by the inner header. Among
these fields is the IP DF (don't fragment) flag. When the inner packet DF flag is clear, the outer packet may
copy it or set it; however, when the inner DF flag is set, the outer header MUST copy it.
these fields is the IP DF (don't fragment) flag. When the inner packet DF flag is clear, the outer packet may
copy it or set it; however, when the inner DF flag is set, the outer header MUST copy it.
49