Configure Advanced interfaces settings
Digi TransPort User Guide 298
Enable the firewall on this interface
Enabling this checkbox causes the router to apply the firewall settings to traffic using this
interface. When debugging connections issues it is often helpful to ensure that this checkbox
is NOT checked, as incorrect firewall rules will prevent a connection from passing network
traffic. If the connection works when the firewall is turned off but fails when turned on, a good
place to start checking parameters would be in the firewall settings page, Configuration >
Security > Firewall.
Remote management access
The Remote access options parameter can be set to No restrictions, Disable management,
Disable return RST, Disable management and return RST.
• When set to No restrictions, users on this interface can access the router’s Telnet, FTP, and
web services for the purpose of managing the router.
• When set to Disable management, users on this interface are prevented from managing
the router via Telnet, FTP, or the web interface.
•For Disable return RST, whenever a router receives a TCP SYN packet for one of its own IP
addresses with the destination port set to an unexpected value, such as a port that the
router would normally expect to receive TCP traffic on, it will reply with a TCP RST packet.
This is normal behavior. However, the nature of internet traffic is such that whenever an
internet connection is established, TCYP SYN packets are to be expected. As the router’s
PPP inactivity timer is restarted each time the router transmits data (but not when it
receives data), the standard response of the router to SYN packets, such as transmitting an
RST packet, will restart the inactivity timer and prevent the router from disconnecting the
link even when there is no genuine traffic. This effect can be prevented by using the
appropriate commands and options within the firewall script. However, on Digi 1000 series
routers, or where you are not using a firewall, the same result can be achieved by selecting
this option, such as when this option is selected the normal behavior of the router in
responding to SYN packets with RST packets is disabled. The option will also prevent the
router from responding to unsolicited UDP packets with the normal ICMP destination
unreachable responses.
•The Disable management an return RST option prevents users from managing the
router via the Telnet, FTP, and web interfaces and also disables the transmission of TCP RST
packets as above.
To Next Page
Loading...
