Netgear FVS336Gv2 – ProSafe Dual WAN Gigabit Firewall with SSL & IPSec VPN 참조 매뉴얼
Customize Firewall Protection
274
ProSAFE Dual WAN Gigabit WAN SSL VPN Firewall FVS336Gv2
8.
Enter the settings as described in the following table.
9.
Click the Apply button.
Your settings are saved.
Manage Time-Out Periods for TCP, UDP, and ICMP Sessions
For IPv4 traffic, a TCP, UDP, or ICMP session expires if the VPN firewall does not process
data for the session during the time-out period.
data for the session during the time-out period.
To manage the time-out periods for TCP, UDP, and ICMP sessions:
1.
On your computer, launch an Internet browser.
Setting
Description
Session Limit
Session Limit Control
From the menu, select an option:
•
When single IP exceeds. When the limit is reached, no new session is
allowed from the IP address. A new session is allowed only when an existing
session is terminated or times out. You must specify the action and period by
selecting one of the following radio buttons:
allowed from the IP address. A new session is allowed only when an existing
session is terminated or times out. You must specify the action and period by
selecting one of the following radio buttons:
-
Block IP to add new session for. No new session is allowed from the IP
address for a period. In the Time field, specify the period in seconds.
address for a period. In the Time field, specify the period in seconds.
-
Block IP's all connections for. All sessions from the IP address are
terminated, and new sessions are blocked for a period. In the Time field,
specify the period in seconds.
terminated, and new sessions are blocked for a period. In the Time field,
specify the period in seconds.
•
Single IP Cannot Exceed. When the limit is reached, no new session is
allowed from the IP address for a specified period, or all sessions from the IP
address are terminated and new sessions are blocked for a specified period.
allowed from the IP address for a specified period, or all sessions from the IP
address are terminated and new sessions are blocked for a specified period.
User Limit Parameter
From the menu, select an option:
•
Percentage of Max Sessions. A percentage of the total session connection
capacity of the VPN firewall.
capacity of the VPN firewall.
•
Number of Sessions. An absolute number of maximum sessions.
User Limit
Enter a number to indicate the user limit. Note the following:
•
If the selection from the User Limit Parameter is Percentage of Max
Sessions, the number specifies the maximum number of sessions that are
allowed from a single-source device as a percentage of the total session
connection capacity of the VPN firewall. (The session limit is per-device
based.)
Sessions, the number specifies the maximum number of sessions that are
allowed from a single-source device as a percentage of the total session
connection capacity of the VPN firewall. (The session limit is per-device
based.)
•
If the selection from the User Limit Parameter is Number of Sessions, the
number specifies an absolute value.
number specifies an absolute value.
Note:
Some protocols such as FTP and RSTP create two sessions per connection,
which you must consider when you configure a session limit.
Total Number of
Packets Dropped due
to Session Limit
Packets Dropped due
to Session Limit
This is a nonconfigurable counter that displays the total number of dropped packets
when the session limit is reached.
when the session limit is reached.