| Index |
| Unique interface index |
| RipSend |
| specifies which versions of RIP messages are sent to that interface. Usually RIP messages are sent as broadcast, except this object is set to ripV2mcast. In this case RIP V2 messages are sent to the multicast address 224.0.0.9 . Enumerations: - ripV1 (1)
- ripV2 (2)
- both (3)
- none (4)
- ripV2mcast (5)
- ripV1trig (6)
- ripV2trig (7)
|
| RipReceive |
| specifies which versions of RIP messages are accepted from that interface. RIP V2 messages are received regardless if they are sent as broadcast or multicast. Enumerations: - ripV1 (1)
- ripV2 (2)
- both (3)
- none (4)
- ripV1trig (5)
- ripV2trig (6)
|
| ProxyArp |
| Switch for Proxy ARP on this interface. Enumerations: |
| Nat |
| This object can be used to switch NAT on and off for a specific interface. Enumerations: - off (1)
- on (2)
- reverse (3)
- loopback (4)
|
| NatRmvFin |
| This object specifies, whether entries in the IpNatTable shall be removed, when TCP-FINS have been received and acknowledged in both directions, a TCP-RST has been received or a ICMP-ERROR message has been received for the entry. Enumerations: |
| NatTcpTimeout |
| TCP NAT entries vanish unconditionally after not being used for the amount of time specified by this object in seconds. Range: 0 to 5184000 |
| NatOtherTimeout |
| Non-TCP NAT entries vanish unconditionally after not being used for the amount of time specified by this object in seconds. Range: 0 to 5184000 |
| NatOutXlat |
| This object can be used to switch the outgoing address translation off. Then, all addresses are passed instead of being translated. The session mechanism remains active and implements a security mechanism. Enumerations: |
| Accounting |
| Switch for accounting on the specified interface. An IP packet is being accounted, when this object is set to on for either the source or the destination interface. Enumerations: |
| TcpSpoofing |
| Switch for TCP spoofing on this interface. TCP keepalive polls are answered by the BRICK to prevent unnecessary ISDN connections. Set this object to on for ISDN dialup interfaces. Enumerations: |
| AccessAction |
| This object describes the action, that is done, when a packet received from the interface has been filtered out. When set to ignore, no action takes place. When set to refuse, an ICMP unreachable message is being sent to the originator of the packet. Enumerations: |
| AccessReport |
| This object specifies, how a packed filtered by accesslists should be logged. When set to none, no logging takes place. When set to info, protocol, ip-addresses and portnumbers are logged. When set to dump, a dump of the first 64 bytes of the packet will be written to the syslog table. Enumerations: |
| Ospf |
| Configure the OSPF status of this interface. Routing information about routes on passive and active interfaces is propagated on active interfaces. Only active interfaces run the OSPF protocol. When set to off the interface and its associated routes are invisible to the OSPF protocol. Enumerations: - passive (1)
- active (2)
- off (3)
|
| OspfMetric |
| Configure the metric calculation of OSPF interfaces. If set to auto the metric is calculated based on ifSpeed. If set to fixed the metric is taken from the ospfIfMetricTable. Additionaly the metric adjustment for dialup interfaces can be configured. If set to auto-adjust or fixed-adjust the basic metric value is reduced if the operational status of the dialup interface is up. Enumerations: - auto (1)
- fixed (2)
- auto-adjust (3)
- fixed-adjust (4)
|
| TcpCksum |
| Enable or disable the TCP checksum check for local packets received on the corresponding interface. Disabling the check may improve performance for some local applications (i.e. remote CAPI). This object should only be set to dont-check on interfaces for LANs without further routers. Packets received from routers may have a corrupted TCP checksum and TCP will no longer be able to detect those packets. The TCP checksum must be checked by the receiving TCP under any circumstances, when TCP header compression is used on any router. Enumerations: |
| BackRtVerify |
| This object activates an additional check for incoming packets. If set to on, incoming packets are only accepted if return packets sent back to their source IP address would be sent over the same interface. This prevents packets being passed from untrusted interfaces to this interface. Enumerations: |
| RuleIndex |
| This object defines the index of the first access rule that is applied for incoming packets. If set to 0 or if there is no access rule with this index no access rules are applied for this interface. |
| Authentication |
| This object defines the authentication scheme used for incoming packets. Enumerations: |
| AuthMode |
| This object defines the authentication mode. If set to strict each source IP address must be authenticated. If set to loose all source IP addresses are allowed if at least one IP address is successfully authenticated. Enumerations: |
| AuthLifeTime |
| This object defines the time in seconds a successful authentication is valid since the IP partner was authenticated. Range: 180 to 36000 |
| AuthKeepalive |
| This object defines the period between short authentications that are invisible to the user |
| RouteAnnounce |
| This object defines the condition when routes on this interface are propagated by routing protocols. If set to up-only routes are only propagated if the operational status of the interface is up. If set to up-dormant routes are propagated if the status is up or dormant. If set to always routes are propagated independent of the operational status. Enumerations: - up-only (1)
- up-dormant (2)
- always (3)
|
| IpFragmentation |
| This object defines different modes used for fragmentation of IP datagrams greater than the MTU of the destination interface. If set to enabled (1) each IP datagram will be splitted into a first fragment MTU sized and the last one smaller than the first. If set to disabled (2) an ICMP unreachable message will be performed. The equal (3) mode defines a fragmentation technique wich generates fragments having approximately the same size whereon the reverse (4) mode starts with a small fragment followed by MTU sized fragment(s). Enumerations: - enabled (1)
- disabled (2)
- equal (3)
- reverse (4)
|
| Rerouting |
| This object enables or disables rerouting on this interface. The default value is enabled. If set to disabled, then only the better one route from two or more possible routes is chosen, even if the ifOperStatus of the interface for this route is dormant. Enumerations: |
| BodRuleIndex |
| This object defines the index of the first rule used for Bandwidth on Demand (BOD) that is applied for incoming and/or outgoing traffic. If set to 0 or if there is no entry in the ipBodRuleTable with this index no BOD-specific information is applied for this interface. |
| QosRuleIndex |
| This object defines the index of the first rule used for Qos (Qualtiy of Service) rules applied for IP traffic. If set to 0 or if there is no entry in the ipQoSTable with this index no QoS-specific information is applied for this interface. |
| IpsecAccounting |
| This object determines, whether packets which are en- or decapsulated by IPSec should be accounted with encapsulation header(ipsec) or without the encapsulation header (clear), or even twice (both). Enumerations: - ipsec (1)
- clear (2)
- both (3)
|
| Multicast |
| Enable that multicast frames are accepted from that interface. Enumerations: |
| NatSilentDeny |
| This object specifies - if NAT is enabled (see ipExtIfNat) - whether incoming IP packets not passed by the NAT barrier should answered with an ICMP Host Unreachable or TCP RST message addressed to to packet originator. If set to enabled(2), such incoming IP packets will be silently discarded. Enumerations: |
| NatPPTPXlat |
| This object specifies - if NAT is enabled (see ipExtIfNat) - whether PPTP (point to point protocol) connections are translated. This is needed if there are more than one PPTP client behind NAT. Enumerations: |
| TcpMssClamping |
| This object specifies whether TCP MSS clamping is enabled on the interface. -1 disables clamping, 0 clamps the MSS depending on the interface MTU. A value > 0 will be used as clamping size. Range: -1 to 32000 |
| NbdgmRelayAddress |
| This object contains the destination IP address to which Netbios Datagram request are forwarded by the router. |
| NatMaxSessions |
| This object limits the maximum number of NAT sessions on a interface. Range: 1 to 65535 |
| AllowedPeers |
| If this object is set to 'dhcpclients', the router refuses to exchange data with hosts which are not DHCP clients on this interface. If this object is set to 'all', the router accepts to exchange data with any host. Enumerations: |
| NatFlush |
| If this object in enabled NAT-Flushing is done else not. NAT-Flushing means that the NAT Entries for this interface will be deleted in the case of an OperStatus change to down or dormant. Enumerations: |
| HttpRedirect |
| If not set to 'disabled' all HTTP requests on this interface will be directed either to the local HTTP daemon or HTTP proxy. Enumerations: - disabled (1)
- local (2)
- proxy (3)
|
| WolRuleIndex |
| This object defines the index of the first rule used for Wake-On-LAN (WOL) that is applied for incoming and/or outgoing traffic. If set to 0 or if there is no entry in the ipWolRuleTable with this index no WOL-specific information is applied for this interface. |
| Policy |
| The kind of connection. trusted = Secure, filtering deactivated untrusted = not secure (WAN) filter activated Enumerations: |